idnits 2.17.1 draft-barguil-opsawg-l2sm-l2nm-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 5 instances of too long lines in the document, the longest one being 13 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 485 has weird spacing: '...-target rt-...' == Line 510 has weird spacing: '...roup-id str...' == Line 513 has weird spacing: '...nt-type ide...' == Line 518 has weird spacing: '...roup-id str...' == Line 550 has weird spacing: '...peer-ip ine...' == (4 more instances...) -- The document date (March 9, 2020) is 1480 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 1 error (**), 0 flaws (~~), 7 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Engineering Task Force S. Barguil, Ed. 3 Internet-Draft O. Gonzalez de Dios, Ed. 4 Intended status: Standards Track V. Lopez 5 Expires: September 10, 2020 Telefonica 6 L. Munoz 7 Vodafone 8 L. Jalil 9 Verizon 10 March 9, 2020 12 A Layer 2 VPN Network Yang Model 13 draft-barguil-opsawg-l2sm-l2nm-01 15 Abstract 17 This document defines a YANG Data model (called, L2NM) that can be 18 used to manage the provisioning of Layer 2 VPN services within a 19 Service Provider Network. This YANG module provides representation 20 of the Layer 2 VPN Service from a network standpoint. The module is 21 meant to be used by a Network Controller to derive the configuration 22 information that will be sent to relevant network devices. 24 The L2SM complements the Layer 2 Service Model (RFC8466) by providing 25 a network-centric view of the service that is internal to a Service 26 Provider. 28 Status of This Memo 30 This Internet-Draft is submitted in full conformance with the 31 provisions of BCP 78 and BCP 79. 33 Internet-Drafts are working documents of the Internet Engineering 34 Task Force (IETF). Note that other groups may also distribute 35 working documents as Internet-Drafts. The list of current Internet- 36 Drafts is at https://datatracker.ietf.org/drafts/current/. 38 Internet-Drafts are draft documents valid for a maximum of six months 39 and may be updated, replaced, or obsoleted by other documents at any 40 time. It is inappropriate to use Internet-Drafts as reference 41 material or to cite them other than as "work in progress." 43 This Internet-Draft will expire on September 10, 2020. 45 Copyright Notice 47 Copyright (c) 2020 IETF Trust and the persons identified as the 48 document authors. All rights reserved. 50 This document is subject to BCP 78 and the IETF Trust's Legal 51 Provisions Relating to IETF Documents 52 (https://trustee.ietf.org/license-info) in effect on the date of 53 publication of this document. Please review these documents 54 carefully, as they describe your rights and restrictions with respect 55 to this document. Code Components extracted from this document must 56 include Simplified BSD License text as described in Section 4.e of 57 the Trust Legal Provisions and are provided without warranty as 58 described in the Simplified BSD License. 60 Table of Contents 62 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 63 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 64 1.2. Requirements Language . . . . . . . . . . . . . . . . . . 4 65 2. Reference architecture . . . . . . . . . . . . . . . . . . . 4 66 3. Description of the L2NM YANG Module . . . . . . . . . . . . . 8 67 3.1. Structure of the Module . . . . . . . . . . . . . . . . . 8 68 3.2. L2 VPN Service . . . . . . . . . . . . . . . . . . . . . 8 69 3.2.1. L2 VPN Service Types . . . . . . . . . . . . . . . . 9 70 3.2.2. Underlying Transport Selection . . . . . . . . . . . 10 71 3.2.3. Other relevant Network Parameters . . . . . . . . . . 10 72 3.3. L2NM Module Tree . . . . . . . . . . . . . . . . . . . . 11 73 4. Relation with other Yang Models . . . . . . . . . . . . . . . 19 74 4.1. Relation with L2SM . . . . . . . . . . . . . . . . . . . 19 75 4.2. Relation with Network Topology . . . . . . . . . . . . . 19 76 4.3. Relation with Device Models . . . . . . . . . . . . . . . 19 77 5. Yang Module . . . . . . . . . . . . . . . . . . . . . . . . . 20 78 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 104 79 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 104 80 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 104 81 9. Security Considerations . . . . . . . . . . . . . . . . . . . 105 82 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 106 83 10.1. Normative References . . . . . . . . . . . . . . . . . . 106 84 10.2. Informative References . . . . . . . . . . . . . . . . . 106 85 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 107 87 1. Introduction 89 [RFC8466] defines a L2VPN Service Model (L2SM) YANG data model that 90 can be used for L2VPN service ordering matters between customers and 91 Service Providers (SPs). This document complements the L2SM model by 92 creating a network-centric view of the service which can be exposed 93 by a Network to a Service Controller within the Service Provider 94 Network. In particular, the model can be used in the communication 95 between the entity that interacts directly with the customer, the 96 service orchestrator, (either fully automated or a human operator) 97 and the entity in charge of network orchestration and control 98 (a.k.a., network controller/orchestrator). 100 The data model defined in this document is called the L2VPN Network 101 Model (L2NM), playing the role of Service Delivery Model (Figure 3 of 102 [RFC8466]. The module supports additional capabilities, such as 103 exposing operational parameters, transport protocols selection and 104 precedence. It also serves as a multi-domain orchestration 105 interface, because this model can transport resources (i.e., VCID) 106 between domains. The data model keeps minimum customer-related 107 information. 109 The YANG module reuses containers and groupings from L2SM [RFC8466] 110 for the cases that the requirements from L2SM can be translated 111 directly to L2NM. 113 1.1. Terminology 115 This document assumes that the reader is familiar with the contents 116 of [RFC6241], [RFC7950], [RFC8466], [RFC8309], and [RFC8453] and uses 117 terminology from those documents. The meaning of the symbols in YANG 118 tree diagrams is [RFC8340]. 120 This document makes use of the following terms: 122 o L2 VPN Customer Service Model (L2SM): Describes the service 123 characterization (requirements) of a L2 VPN that interconnects a 124 set of sites from the perspective of the customer. The customer 125 service model does not provide details on the Service Provider 126 Network. The L2 VPN Customer Service model is defined in 127 [RFC8466]. 129 o L2 VPN Service Network Model (L2NM): Refers to the YANG module 130 that describes a L2 VPN Service with a network-centric view. It 131 contains information of the Service Provider network and might 132 include allocated resources. It can be used by network 133 controllers to manage the Layer 2 VPN Service configuration in the 134 Service Provider network. The YANG module can be consumed by a 135 Service Orchestrator to request a VPN Service to a Network 136 controller or to expose the list of active L2VPN services. 138 o Service Orchestrator: Referst to a functional entity that 139 interacts with the customer of a L2 VPN relying upon, e.g. L2SM. 140 The Service Orchestrator is responsible of the CE-PE attachment 141 circuits, the PE selection, and requesting the activation of the 142 L2 VPN service to a network controller. 144 o Network Controller: Denotes a functional entity responsible for 145 the management of the service provider network. 147 o VPN node (vpn-node): Is an abstraction that represents a set of 148 policies applied on a PE and that belong to a single VPN service 149 (vpn-service). A VPN service involves one or more VPN nodes. The 150 VPN node will identify the Service Provider node on which the VPN 151 is deployed. 153 o VPN network access (vpn-network-access): Is an abstraction that 154 represents the network interfaces that are associated to a given 155 VPN node. Traffic coming from the VPN network access belongs to 156 the VPN. The attachment circuits (bearers) between CEs and PEs 157 are terminated in the VPN network access. 159 o VPN Site (vpn-site): Refers to A VPN customer's location that is 160 connected to the Service Provider network via a CE-PE link, which 161 can access at least one VPN. 163 o VPN Service Provider (SP): Is a Service Provider that offers VPN- 164 related services. 166 o Service Provider Network (SP Network): Is a network able to 167 provide VPN-related services. 169 1.2. Requirements Language 171 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 172 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 173 "OPTIONAL" in this document are to be interpreted as described in BCP 174 14 [RFC2119] [RFC8174] when, and only when, they appear in all 175 capitals, as shown here. 177 2. Reference architecture 179 Figure 1 illustrates how L2NM is used. As a reminder, this figure is 180 an expansion of the architecture presented in Section 3 of [RFC8466] 181 and decomposes the box marked "orchestration" in that figure into 182 three separate functional components called "Service Orchestration", 183 "Network Orchestration", and "Domain Orchestration". 185 The reader may refer to [RFC8309] for the distinction between the 186 "Customer Service Model", the "Service Delivery Model", the "Network 187 Configuration Model", and the "Device Configuration Model". The 188 "Domain Orchestration" and "Config Manager" roles may be performed by 189 "SDN Controllers". 191 +---------------+ 192 | Customer | 193 +---------------+ 194 Customer Service Model | 195 l2vpn-svc | 196 +---------------+ 197 | Service | 198 | Orchestration | 199 +---------------+ 200 Service Delivery Model | 201 L2NM | 202 (l2vpn-ntw) | 203 +---------------+ 204 | Network | 205 | Orchestration | 206 +---------------+ 207 Network Configuration Model | 208 __________|____________ 209 | | 210 +---------------+ +---------------+ 211 | Domain | | Domain | 212 | Orchestration | | Orchestration | 213 +---------------+ +---------------+ 214 Device | | | 215 Configuration | | | 216 Model | | | 217 +---------+ | | 218 | Config | | | 219 | Manager | | | 220 +---------+ | | 221 | | | 222 | NETCONF/CLI.................. 223 | | | 224 +------------------------------------------------+ 225 Network 227 +++++++ 228 + AAA + 229 +++++++ 231 ++++++++ Bearer ++++++++ ++++++++ ++++++++ 232 + CE A + ----------- + PE A + + PE B + ---- + CE B + 233 ++++++++ Connection ++++++++ ++++++++ ++++++++ 235 Site A Site B 237 Figure 1: L2SM and L2NM Interaction 239 Figure 2 shows how L2SM and L2NM may be used in the context of the 240 ACTN architecture [RFC8453]. Figure 2 shows the Customer Network 241 Controller (CNC), the Multi-Domain Service Coordinator (MDSC), and 242 the Provisioning Network Controller (PNC). It shows the interfaces 243 between these functional units: the CNC-MDSC Interface (CMI), the 244 MDSC-PNC Interface (MPI), and the Southbound Interface (SBI). 246 ---------------------------------- 247 | Customer | 248 | ----------------------------- | 249 | | CNC | | 250 | ----------------------------- | 251 ----:-----------------------:----- 252 : : 253 : L2SM : L2SM 254 : : 255 ---------:--------- ------------------- 256 | MDSC : | | MDSC | 257 | --------------- | | (parent) | 258 | | Service | | ------------------- 259 | | Orchestration | | : 260 | --------------- | : L2NM 261 | : | : 262 | : L2NM | ------------------- 263 | : | | MDSC | 264 | --------------- | | (child) | 265 | | Network | | ------------------- 266 | | Orchestration | | : 267 | --------------- | : 268 ---------:--------- : 269 : : 270 : Network Configuration : 271 : : 272 ------------:------- ---------:------------ 273 | Domain : | | : Domain | 274 | Controller : | | : Controller | 275 | --------- | | --------- | 276 | | PNC | | | | PNC | | 277 | --------- | | --------- | 278 ------------:------- ---------:------------ 279 : : 280 : Device Configuration : 281 : : 282 -------- -------- 283 | Device | | Device | 284 -------- -------- 286 Figure 2: L2SM and L2NM in the Context of ACTN 288 3. Description of the L2NM YANG Module 290 The L2NM module ('ietf-l2vpn-ntw') is meant to manage L2 VPNs within 291 a service provider network. In particular, the 'ietf-l2vpn-ntw' 292 module can be used to create, modify, and retrieve L2VPN Services in 293 a Network Controller. The module is not aimed at maintaining 294 customer-related information. 296 Editor's note: Next version of the document will include the full 297 description of the parameters. When the parameters match with L2SM, 298 the exact reference will be done 300 3.1. Structure of the Module 302 The 'ietf-l2vpn-ntw' module uses two main containers: 'vpn-services' 303 and 'vpn-profiles'. The 'vpn-services' container maintains the set 304 of L2 VPN Services managed in the service provider network. The 305 module allows to create a new l2 VPN service by adding a new instance 306 of 'vpn-service'. The 'vpn-service' is the data structure that 307 abstracts the VPN Service. 309 module: ietf-l2vpn-ntw 310 +--rw l2vpn-ntw 311 +--rw vpn-profiles 312 | ....... 313 +--rw vpn-services 314 +--rw vpn-service* [vpn-id] 315 ........ 317 Figure 3: Simplified L2NM Tree Structure 319 3.2. L2 VPN Service 321 The 'vpn-svc' is the data structure that abstracts a L2 VPN Service 322 within the SP Network. Every 'vpn-svc' has a unique identifier: vpn- 323 id. Such vpn-id is only meaningful locally within the Network 324 controller. In order to facilitate the recognition of the service, a 325 'customer-name' and a 'description' may be included. The topology of 326 the VPN service is expressed in the 'vpn-service-topology' leaf. 328 A VPN Service is built by adding instances of 'vpn-node' to the 'vpn- 329 nodes' container. The 'vpn-node' is an abstraction that represents a 330 set of policies applied to a network node and that belong to a single 331 'vpn-service'. A 'vpn-node' contains 'vpn-network-accesses', which 332 are the interfaces involved in the creation of the VPN. The customer 333 sites are connected to the 'vpn_network_accesses'. Note that, as 334 this is a network data model, the information about customers site is 335 not needed. Such information, is only relevant in the L2SM model. 337 +--rw vpn-services 338 +--rw vpn-svc* [vpn-id] 339 +--rw vpn-id svc-id 340 +--rw vpn-svc-type? identityref 341 +--rw customer-name? string 342 +--rw svc-topo? identityref 343 +-rw service-status 344 | +-rw admin 345 | | +-rw status? operational-type 346 | | +-rw timestamp? yang:date-and-time 347 | +-ro ops 348 | +-ro status? operational-type 349 | +-ro timestamp? yang:date-and-time 350 | ... 351 +--rw multicast-like {multicast-like}? 352 | ... 353 +--rw extranet-vpns {extranet-vpn}? 354 | ... 355 | +--rw local-sites-role? identityref 356 +--rw svc-mtu? uint32 357 +--rw ce-vlan-preservation? boolean 358 +--rw ce-vlan-cos-perservation? boolean 359 +--rw transport-encapsulation 360 +--rw protocol? protocols-type 361 +--rw vpn-nodes 363 Figure 4 365 3.2.1. L2 VPN Service Types 367 The L2 VPN Service types directly matches with the L2VPN Service 368 types defined in Section 5.1.3 of [RFC8466]: 370 o Point-to-point VPWSs. 372 o Point-to-point or point-to-multipoint VPWSs [RFC8214]. 374 o Multipoint VPLSs. 376 o Multipoint VPLSs connecting one or more root sites and a set of 377 leaf sites but preventing inter-leaf-site communication. 379 o EVPN services [RFC7432]. 381 o EVPN VPWSs between two customer sites or a set of customer sites 382 as specified in [RFC8214]. 384 3.2.2. Underlying Transport Selection 386 The model enables network operators to select the type of transport 387 protocol underlay. Also, in scenarios with multiple domains and NNI 388 types, the selection of the transport protocol underlay is required. 389 The Service Provider Network might have several underlay 390 possibilities available. If no underlay transport protocol is 391 specified, the Network Controller will take care of the transport 392 decision. The following options are supported in the "transport- 393 encapsulation" container: 395 LDP: MPLS with LDP (martini encapsulation). 397 GRE: A mesh of GRE tunnels is established between vpn-nodes. 399 BGP: BGP tunnels (kompella encapsulation) are preferred to route 400 traffic between VPN nodes. 402 TE: TE tunnels (either RSVP-TE or SR) are prefered. The mapping 403 details will be specified in draft-ietf-te-service-mapping. 405 SR: Non-TE SR is preferred to route traffic. 407 3.2.3. Other relevant Network Parameters 409 This draft is focus in the development of the network centric set of 410 parameters to provision L2VPNs. Thus, the covered scenarios include 411 the augmentation of Virtual Circuit Identifier synchronization in a 412 multidomain environment, precedence management (i.e., Primary and 413 backup coordination), Split Horizon group management. The parameters 414 are described by the container associated: 416 The set of augmentations done in the VPN service are: 418 Status: Request and modify the service status 420 The set of augmentations done in the Site Network Access are: 422 Site Bearer: Reference the NEs and Ports were each site Network 423 access belongs. This may help to preserve the local and farends 424 from the Network controller site. 426 Precedence: When two L2VPNs are created at the same time, the 427 primary secondary option is enabled according to the tunnel role 428 on the network. 430 Lag Interface Support. 432 Split Horizon group: Split-horizon group name is extended as part 433 of the Site Network Access container. 435 Status: Request and modify the interface status. 437 3.3. L2NM Module Tree 439 The tree structure of the Yang module proposed by this document is 440 shown below: 442 module: ietf-l2vpn-ntw 443 +--rw l2vpn-ntw 444 +--rw vpn-profiles 445 | +--rw valid-provider-identifiers 446 | +--rw cloud-identifier* string {cloud-access}? 447 | +--rw qos-profile-identifier* string 448 | +--rw bfd-profile-identifier* string 449 | +--rw remote-carrier-identifier* string 450 +--rw vpn-services 451 +--rw vpn-svc* [vpn-id] 452 +--rw vpn-id svc-id 453 +--rw vpn-svc-type? identityref 454 +--rw customer-name? string 455 +--rw svc-topo? identityref 456 +--rw status? operational-type 457 +--rw timestamp? yang:date-and-time 458 +--rw multicast-like {multicast-like}? 459 | +--rw enabled? boolean 460 | +--rw customer-tree-flavors 461 | | +--rw tree-flavor* identityref 462 | +--rw bum-frame-delivery-modes 463 | | +--rw bum-frame-delivery* [traffic-type] 464 | | +--rw traffic-type identityref 465 | | +--rw delivery-mode? identityref 466 | +--rw multicast-gp-port-mapping? identityref 467 +--rw extranet-vpns {extranet-vpn}? 468 | +--rw extranet-vpn* [vpn-id] 469 | +--rw vpn-id svc-id 470 | +--rw local-sites-role? identityref 471 +--rw svc-mtu? uint32 472 +--rw ce-vlan-preservation? boolean 473 +--rw ce-vlan-cos-perservation? boolean 474 +--rw transport-encapsulation 475 | +--rw protocol? protocols-type 476 +--rw vpn-nodes 477 +--rw vpn-node* [vpn-node-id ne-id] 478 +--rw vpn-node-id string 479 +--rw description? string 480 +--rw node-role? identityref 481 +--rw ne-id string 482 +--rw vpn-target* [id] 483 | +--rw id int8 484 | +--rw route-targets* [route-target] 485 | | +--rw route-target rt-types:route-target 486 | +--rw route-target-type 487 | rt-types:route-target-type 488 +--rw vpn-policies 489 | +--rw import-policy? leafref 490 | +--rw export-policy? leafref 491 +--rw vpn-network-accesses 492 +--rw vpn-network-access* [network-access-id] 493 +--rw network-access-id 494 | string 495 +--rw description? 496 | string 497 +--rw remote-carrier-name? 498 | string 499 +--rw Interface-mtu? 500 | uint32 501 +--rw status? 502 | operational-type 503 +--rw timestamp? 504 | yang:date-and-time 505 +--rw access-diversity {site-diversity}? 506 | +--rw groups 507 | | +--rw fate-sharing-group-size? uint16 508 | | +--rw group-color? string 509 | | +--rw group* [group-id] 510 | | +--rw group-id string 511 | +--rw constraints 512 | +--rw constraint* [constraint-type] 513 | +--rw constraint-type identityref 514 | +--rw target 515 | +--rw (target-flavor)? 516 | +--:(id) 517 | | +--rw group* [group-id] 518 | | +--rw group-id string 519 | +--:(all-accesses) 520 | | +--rw all-other-accesses? 521 | | empty 522 | +--:(all-groups) 523 | +--rw all-other-groups? 524 | empty 525 +--rw connection 526 | +--rw encapsulation-type? identityref 527 | +--rw eth-inf-type* identityref 528 | +--rw dot1q-interface 529 | | +--rw l2-access-type? identityref 530 | | +--rw dot1q {dot1q}? 531 | | | +--rw physical-inf? string 532 | | | +--rw c-vlan-id? uint32 533 | | +--rw sub-inf {sub-inf}? 534 | | | +--rw interface-description? 535 | | | | string 536 | | | +--rw sub-if-id? 537 | | | uint32 538 | | +--rw qinq {qinq}? 539 | | | +--rw s-vlan-id? uint32 540 | | | +--rw c-vlan-id? uint32 541 | | +--rw qinany {qinany}? 542 | | | +--rw s-vlan-id? uint32 543 | | +--rw atm {atm}? 544 | | | +--rw vpi? uint32 545 | | | +--rw vci? uint32 546 | | +--rw vxlan {vxlan}? 547 | | +--rw vni-id? uint32 548 | | +--rw peer-mode? identityref 549 | | +--rw peer-list* [peer-ip] 550 | | +--rw peer-ip inet:ip-address 551 | +--rw phy-interface 552 | | +--rw port-number? uint32 553 | | +--rw port-speed? uint32 554 | | +--rw mode? neg-mode 555 | | +--rw phy-mtu? uint32 556 | | +--rw flow-control? string 557 | | +--rw physical-if? string 558 | | +--rw circuit-id? string 559 | | +--rw lldp? boolean 560 | | +--rw oam-802.3ah-link {oam-3ah}? 561 | | | +--rw enable? boolean 562 | | +--rw uni-loop-prevention? boolean 563 | +--rw lag-interface {lag-interface}? 564 | | +--rw lag-interface* 565 | | [lag-interface-number] 566 | | +--rw lag-interface-number uint32 567 | | +--rw lacp 568 | | +--rw lacp-state? boolean 569 | | +--rw lacp-mode? boolean 570 | | +--rw lacp-speed? boolean 571 | | +--rw mini-link? uint32 572 | | +--rw system-priority? uint16 573 | | +--rw micro-bfd {micro-bfd}? 574 | | | +--rw micro-bfd-on-off? 575 | | | | enumeration 576 | | | +--rw bfd-interval? 577 | | | | uint32 578 | | | +--rw bfd-hold-timer? 579 | | | uint32 580 | | +--rw bfd {bfd}? 581 | | | +--rw bfd-enabled? 582 | | | | boolean 583 | | | +--rw (holdtime)? 584 | | | +--:(profile) 585 | | | | +--rw profile-name? 586 | | | | string 587 | | | +--:(fixed) 588 | | | +--rw fixed-value? 589 | | | uint32 590 | | +--rw member-link-list 591 | | | +--rw member-link* [name] 592 | | | +--rw name 593 | | | | string 594 | | | +--rw port-speed? 595 | | | | uint32 596 | | | +--rw mode? 597 | | | | neg-mode 598 | | | +--rw link-mtu? 599 | | | | uint32 600 | | | +--rw oam-802.3ah-link 601 | | | {oam-3ah}? 602 | | | +--rw enable? boolean 603 | | +--rw flow-control? string 604 | | +--rw lldp? boolean 605 | +--rw cvlan-id-to-svc-map* [svc-id] 606 | | +--rw svc-id leafref 607 | | +--rw cvlan-id* [vid] 608 | | +--rw vid uint32 609 | +--rw split-horizon 610 | | +--rw group-name? string 611 | +--rw l2cp-control {L2CP-control}? 612 | +--rw stp-rstp-mstp? control-mode 613 | +--rw pause? control-mode 614 | +--rw lacp-lamp? control-mode 615 | +--rw link-oam? control-mode 616 | +--rw esmc? control-mode 617 | +--rw l2cp-802.1x? control-mode 618 | +--rw e-lmi? control-mode 619 | +--rw lldp? boolean 620 | +--rw ptp-peer-delay? control-mode 621 | +--rw garp-mrp? control-mode 622 +--rw availability 623 | +--rw access-priority? uint32 624 | +--rw (redundancy-mode)? 625 | +--:(single-active) 626 | | +--rw single-active? boolean 627 | +--:(all-active) 628 | +--rw all-active? boolean 629 +--rw service 630 | +--rw svc-input-bandwidth {input-bw}? 631 | | +--rw input-bandwidth* [type] 632 | | +--rw type identityref 633 | | +--rw cos-id? uint8 634 | | +--rw vpn-id? svc-id 635 | | +--rw cir? uint64 636 | | +--rw cbs? uint64 637 | | +--rw eir? uint64 638 | | +--rw ebs? uint64 639 | | +--rw pir? uint64 640 | | +--rw pbs? uint64 641 | +--rw svc-output-bandwidth {output-bw}? 642 | | +--rw output-bandwidth* [type] 643 | | +--rw type identityref 644 | | +--rw cos-id? uint8 645 | | +--rw vpn-id? svc-id 646 | | +--rw cir? uint64 647 | | +--rw cbs? uint64 648 | | +--rw eir? uint64 649 | | +--rw ebs? uint64 650 | | +--rw pir? uint64 651 | | +--rw pbs? uint64 652 | +--rw qos {qos}? 653 | +--rw classification-policy 654 | | +--rw rule* [id] 655 | | +--rw id 656 | | | string 657 | | +--rw (match-type)? 658 | | | +--:(match-flow) 659 | | | | +--rw match-flow 660 | | | | +--rw dscp? 661 | | | | | inet:dscp 662 | | | | +--rw dot1q? 663 | | | | | uint16 664 | | | | +--rw pcp? 665 | | | | | uint8 666 | | | | +--rw src-mac? 667 | | | | | yang:mac-address 668 | | | | +--rw dst-mac? 669 | | | | | yang:mac-address 670 | | | | +--rw color-type? 671 | | | | | identityref 672 | | | | +--rw target-sites* 673 | | | | | svc-id 674 | | | | | {target-sites}? 675 | | | | +--rw any? 676 | | | | | empty 677 | | | | +--rw vpn-id? 678 | | | | svc-id 679 | | | +--:(match-application) 680 | | | +--rw match-application? 681 | | | identityref 682 | | +--rw target-class-id? 683 | | string 684 | +--rw qos-profile 685 | +--rw (qos-profile)? 686 | +--:(standard) 687 | | +--rw profile? leafref 688 | +--:(custom) 689 | +--rw classes {qos-custom}? 690 | +--rw class* [class-id] 691 | +--rw class-id 692 | | string 693 | +--rw direction? 694 | | identityref 695 | +--rw policing? 696 | | identityref 697 | +--rw byte-offset? 698 | | uint16 699 | +--rw frame-delay 700 | | +--rw (flavor)? 701 | | +--:(lowest) 702 | | | +--rw use-lowest-latency? 703 | | | empty 704 | | +--:(boundary) 705 | | +--rw delay-bound? 706 | | uint16 707 | +--rw frame-jitter 708 | | +--rw (flavor)? 709 | | +--:(lowest) 710 | | | +--rw use-lowest-jitter? 711 | | | empty 712 | | +--:(boundary) 713 | | +--rw delay-bound? 714 | | uint32 715 | +--rw frame-loss 716 | | +--rw rate? 717 | | decimal64 718 | +--rw bandwidth 719 | +--rw guaranteed-bw-percent 720 | | decimal64 721 | +--rw end-to-end? 722 | empty 723 +--rw svc-precedence 724 | +--rw precedence? identityref 725 +--rw broadcast-unknown-unicast-multicast 726 | +--rw multicast-site-type? 727 | | enumeration 728 | +--rw multicast-gp-address-mapping* [id] 729 | | +--rw id uint16 730 | | +--rw vlan-id? uint32 731 | | +--rw mac-gp-address? 732 | | | yang:mac-address 733 | | +--rw port-lag-number? uint32 734 | +--rw bum-overall-rate? 735 | | uint32 736 | +--rw bum-rate-per-type* [type] 737 | +--rw type identityref 738 | +--rw rate? uint32 739 +--rw ethernet-service-oam 740 | +--rw md-name? string 741 | +--rw md-level? uint8 742 | +--rw cfm-802.1-ag 743 | | +--rw n2-uni-c* [maid] 744 | | | +--rw maid 745 | | | | string 746 | | | +--rw mep-id? 747 | | | | uint32 748 | | | +--rw mep-level? 749 | | | | uint32 750 | | | +--rw mep-up-down? 751 | | | | enumeration 752 | | | +--rw remote-mep-id? 753 | | | | uint32 754 | | | +--rw cos-for-cfm-pdus? 755 | | | | uint32 756 | | | +--rw ccm-interval? 757 | | | | uint32 758 | | | +--rw ccm-holdtime? 759 | | | | uint32 760 | | | +--rw alarm-priority-defect? 761 | | | | identityref 762 | | | +--rw ccm-p-bits-pri? 763 | | | ccm-priority-type 764 | | +--rw n2-uni-n* [maid] 765 | | +--rw maid 766 | | | string 767 | | +--rw mep-id? 768 | | | uint32 769 | | +--rw mep-level? 770 | | | uint32 771 | | +--rw mep-up-down? 772 | | | enumeration 773 | | +--rw remote-mep-id? 774 | | | uint32 775 | | +--rw cos-for-cfm-pdus? 776 | | | uint32 777 | | +--rw ccm-interval? 778 | | | uint32 779 | | +--rw ccm-holdtime? 780 | | | uint32 781 | | +--rw alarm-priority-defect? 782 | | | identityref 783 | | +--rw ccm-p-bits-pri? 784 | | ccm-priority-type 785 | +--rw y-1731* [maid] 786 | +--rw maid 787 | | string 788 | +--rw mep-id? 789 | | uint32 790 | +--rw type? 791 | | identityref 792 | +--rw remote-mep-id? 793 | | uint32 794 | +--rw message-period? 795 | | uint32 796 | +--rw measurement-interval? 797 | | uint32 798 | +--rw cos? 799 | | uint32 800 | +--rw loss-measurement? 801 | | boolean 802 | +--rw synthethic-loss-measurement? 803 | | boolean 804 | +--rw delay-measurement 805 | | +--rw enable-dm? boolean 806 | | +--rw two-way? boolean 807 | +--rw frame-size? 808 | | uint32 809 | +--rw session-type? 810 | enumeration 811 +--rw mac-loop-prevention 812 | +--rw frequency? uint32 813 | +--rw protection-type? identityref 814 | +--rw number-retries? uint32 815 +--rw access-control-list 816 | +--rw mac* [mac-address] 817 | +--rw mac-address yang:mac-address 818 +--rw mac-addr-limit 819 | +--rw mac-num-limit? uint16 820 | +--rw time-interval? uint32 821 | +--rw action? identityref 822 +--rw site-bearers 823 +--rw bearer-id? string 825 Figure 5 827 4. Relation with other Yang Models 829 The L2NM model, aimed at managing the L2VPN Services in a Service 830 Provider Network controller/orchestrator has relations with other 831 Yang modules. 833 4.1. Relation with L2SM 835 [RFC8466] defines a L2VPN Service YANG data Model (L2SM) that can be 836 used for communication between customers and VPN service providers. 837 Hence, the model provides inputs to the Network Operator to deliver 838 such service to the customer. Hence, most parts of the model can be 839 directly mapped into L2NM. 841 o Service requirements: The service requirements can be directly 842 taken from L2SM to L2NM. 844 o Sites: The sites from L2SM are used to select the Service Prodider 845 node. The site information is NOT maintained in L2NM 847 4.2. Relation with Network Topology 849 The L2NM model manages VPN Services running over Service Provider 850 Backbone network. The set of nodes over which it is possible to 851 deploy a L2 VPN Service MAY be part of the topology contained in an 852 ietf-network module. 854 4.3. Relation with Device Models 856 Creating services in the l2vpn-ntw module will will lead at some 857 point to the configuration of devices. Hence, it is foreseen that 858 the data for the device yang modules will be derived partially from 859 the L2NM vpn-service container. Note that L2NM is NOT a device 860 model. 862 5. Yang Module 864 file "ietf-l2vpn-ntw@2020-03-09.yang" 865 module ietf-l2vpn-ntw { 866 yang-version 1.1; 867 namespace "urn:ietf:params:xml:ns:yang:ietf-l2vpn-ntw"; 868 prefix l2vpn-ntw; 870 import ietf-inet-types { 871 prefix inet; 872 } 873 import ietf-yang-types { 874 prefix yang; 875 } 876 import ietf-netconf-acm { 877 prefix nacm; 878 } 879 import ietf-l2vpn-svc { 880 prefix l2vpn; 881 } 882 import ietf-l3vpn-ntw { 883 prefix l3vpn; 884 } 885 import ietf-routing-types { 886 prefix rt-types; 887 reference 888 "RFC 8294: Common YANG Data Types for the Routing Area"; 889 } 890 organization 891 "IETF OPSA (Operations and Management Area) Working Group"; 892 contact 893 "WG Web: 894 WG List: 895 Editor: Samier Barguil Giraldo 896 897 Editor: Oscar Gonzalez de Dios 898 899 Editor: Victor Lopez 900 901 Editor: Luis Angel Munoz 902 903 Editor: Luay Jalil 904 905 "; 906 description 907 "This YANG module defines a generic network-oriented model 908 for the management and delivery of Layer 2 VPNs in a 909 Service Provider backbone network. 911 Copyright (c) 2019 IETF Trust and the persons identified as 912 authors of the code. All rights reserved. 914 Redistribution and use in source and binary forms, with or 915 without modification, is permitted pursuant to, and subject to 916 the license terms contained in, the Simplified BSD License set 917 forth in Section 4.c of the IETF Trust's Legal Provisions 918 Relating to IETF Documents 919 (https://trustee.ietf.org/license-info). 921 This version of this YANG module is part of RFC XXXX 922 (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself 923 for full legal notices. 925 The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL 926 NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 927 'MAY', and 'OPTIONAL' in this document are to be interpreted as 928 described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, 929 they appear in all capitals, as shown here."; 931 revision 2020-03-09{ 932 description 933 "Second revision -01 version"; 934 reference 935 "draft-barguil-opsawg-l2sm-l2nm-01 936 A Layer 2 VPN Network Yang Model."; 937 } 939 revision 2019-11-21{ 940 description 941 "Initial revision -00 version"; 942 reference 943 "draft-barguil-opsawg-l2sm-l2nm-00 944 A Layer 2 VPN Network Yang Model."; 945 } 947 /* Features */ 948 feature multicast-like{ 949 description 950 "Enables multicast-like capabilities support in a L2VPN."; 951 } 952 feature extranet-vpn{ 953 description 954 "Enable the Support of Extranet VPN."; 955 } 956 feature target-sites { 957 description 958 "Enables support of the 'target-sites' match flow parameter."; 960 } 961 feature L2CP-control { 962 description 963 "Enable the Support of L2CP control."; 964 } 965 feature input-bw { 966 description 967 "Enable the suppport of Input Bandwidth in a VPN."; 968 } 969 feature output-bw { 970 description 971 "Enable the support of Output Bandwidth in a VPN"; 972 } 973 feature uni-list { 974 description 975 "Enable the support of UNI list in a VPN."; 976 } 977 feature cloud-access { 978 description 979 "Allow VPN to connect to a Cloud Service 980 provider."; 981 } 982 feature oam-3ah { 983 description 984 "Enables the support of OAM 802.3ah."; 985 } 986 feature micro-bfd { 987 description 988 "Enables the support of Micro-BFD."; 989 } 990 feature bfd { 991 description 992 "Enables the support of BFD."; 994 } 995 feature signaling-options { 996 description 997 "Enable the support of signalling option."; 998 } 999 feature site-diversity { 1000 description 1001 "Enables the support of site diversity constraints in a VPN."; 1002 } 1003 feature encryption { 1004 description 1005 "Enables support of encryption."; 1006 } 1007 feature always-on { 1008 description 1009 "Enables support for always-on access 1010 constraint."; 1011 } 1012 feature requested-type { 1013 description 1014 "Enables support for requested-type access 1015 constraint."; 1016 } 1017 feature bearer-reference { 1018 description 1019 "Enables support for bearer-reference access 1020 constraint."; 1021 } 1022 feature qos { 1023 description 1024 "Enables support of Class of Services."; 1025 } 1026 feature qos-custom { 1027 description 1028 "Enables support of custom qos profile."; 1029 } 1030 feature lag-interface{ 1031 description 1032 "Enable lag-interface."; 1033 } 1034 feature vlan { 1035 description 1036 "Enable the support of VLAN."; 1037 } 1038 feature dot1q{ 1039 description 1040 "Enable the support of Dot1Q."; 1041 } 1042 feature sub-inf{ 1043 description 1044 "Enable the support of Sub Interface."; 1045 } 1046 feature qinq { 1047 description 1048 "Enable the support of QinQ."; 1049 } 1050 feature qinany{ 1051 description 1052 "Enable the support of QinAny."; 1053 } 1054 feature atm { 1055 description 1056 "Enable the support of ATM."; 1057 } 1058 feature vxlan { 1059 description 1060 "Enable the support of VxLAN."; 1061 } 1062 feature ipv4 { 1063 description 1064 "Enables IPv4 support in a VPN."; 1065 } 1066 feature ipv6 { 1067 description 1068 "Enables IPv6 support in a VPN."; 1069 } 1070 feature lan-tag { 1071 description 1072 "Enables LAN Tag support in a VPN."; 1073 } 1074 /* Typedefs */ 1076 typedef protocols-type { 1077 type enumeration { 1078 enum "GRE" { 1079 value 0; 1080 description "Transport based on GRE."; 1081 } 1082 enum "LDP" { 1083 value 1; 1084 description "Transport based on LDP."; 1085 } 1086 enum "BGP" { 1087 value 2; 1088 description "Transport based on BGP."; 1089 } 1090 enum "SR" { 1091 value 3; 1092 description "Operational status Segment Routing"; 1093 } 1094 enum "TE" { 1095 value 4; 1096 description "Operational status TE"; 1097 } 1098 enum "unknown" { 1099 value 5; 1100 description "Operational status UNKNOWN"; 1101 } 1103 } 1105 description 1106 "This are writable attributes used to identify 1107 transport protocols underlaying the service"; 1108 } 1110 typedef operational-type { 1111 type enumeration { 1112 enum "up" { 1113 value 0; 1114 description "Operational status UP."; 1115 } 1116 enum "down" { 1117 value 1; 1118 description "Operational status DOWN"; 1119 } 1120 enum "unknown" { 1121 value 2; 1122 description "Operational status UNKNOWN"; 1123 } 1124 } 1125 description 1126 "This is a read-only attribute used to determine the 1127 status of a particular element"; 1128 } 1130 typedef svc-id { 1131 type string; 1132 description 1133 "Defines a type of service component identifier."; 1134 } 1135 typedef ccm-priority-type { 1136 type uint8 { 1137 range "0..7"; 1138 } 1139 description 1140 "A 3 bit priority value to be used in the VLAN tag, 1141 if present in the transmitted frame."; 1142 } 1143 typedef control-mode { 1144 type enumeration { 1145 enum peer { 1146 description 1147 "Peer mode,i.e.,participate in the protocol towards the CE. 1148 Peering is common for LACP and E-LMI and occasionally for LLDP. 1149 For virtual private services the Subscriber can also request that 1150 the Service Provider peer spanning tree."; 1151 } 1152 enum tunnel { 1153 description 1154 "Tunnel mode,i.e.,pass to the egress or destination site. 1155 For EPL, the expectation is that L2CP frames are tunneled."; 1156 } 1157 enum discard { 1158 description 1159 "Discard mode,i.e.,discard the frame."; 1160 } 1161 } 1162 description 1163 "Defining a type of the control mode on L2CP protocols."; 1164 } 1165 typedef neg-mode { 1166 type enumeration { 1167 enum full-duplex { 1168 description 1169 "Defining Full duplex mode"; 1170 } 1171 enum auto-neg { 1172 description 1173 "Defining Auto negotiation mode"; 1174 } 1175 } 1176 description 1177 "Defining a type of the negotiation mode"; 1178 } 1180 /* Identities */ 1181 identity multicast-tree-type { 1182 description 1183 "Base identity for multicast tree type."; 1184 } 1185 identity ssm-tree-type { 1186 base multicast-tree-type; 1187 description 1188 "Identity for SSM tree type."; 1189 } 1190 identity asm-tree-type { 1191 base multicast-tree-type; 1192 description 1193 "Identity for ASM tree type."; 1194 } 1195 identity bidir-tree-type { 1196 base multicast-tree-type; 1197 description 1198 "Identity for bidirectional tree type."; 1199 } 1200 identity mapping-type{ 1201 description 1202 "Identity mapping-type"; 1203 } 1204 identity static-mapping{ 1205 base mapping-type; 1206 description 1207 "Identity for static mapping, i.e.,attach the interface 1208 to the Multicast group as static member"; 1210 } 1211 identity dynamic-mapping{ 1212 base mapping-type; 1213 description 1214 "Identity for dynamic mapping, i.e.,interface was added 1215 to the Multicast group as a result of snooping"; 1216 } 1218 identity tf-type{ 1219 description 1220 "Identity traffic-type"; 1221 } 1222 identity multicast-traffic { 1223 base tf-type; 1224 description 1225 "Identity for multicast traffic"; 1226 } 1227 identity broadcast-traffic { 1228 base tf-type; 1229 description 1230 "Identity for broadcast traffic"; 1231 } 1232 identity unknown-unicast-traffic { 1233 base tf-type; 1234 description 1235 "Identity for unknown unicast traffic"; 1236 } 1237 identity pwe-encapsulation-type{ 1238 description 1239 "Identity pwe-encapsulation-type"; 1240 } 1242 identity ethernet-over-mpls { 1243 base pwe-encapsulation-type; 1244 description 1245 "Identity for ethernet over mpls"; 1246 } 1247 identity ethernet-tagged-mpls { 1248 base pwe-encapsulation-type; 1249 description 1250 "Identity for ethernet tagged over mpls"; 1252 } 1254 identity l2tp-pw-type { 1255 description 1256 "Identity for L2TP PW type"; 1257 } 1259 identity encapsulation-type { 1260 description 1261 "Identity for encapsulation type"; 1262 } 1263 identity ethernet-type { 1264 base encapsulation-type; 1265 description 1266 "Identity for encapsulation type"; 1267 } 1268 identity vlan-type { 1269 base encapsulation-type; 1270 description 1271 "Identity for encapsulation type"; 1272 } 1274 identity protection-mode { 1275 description 1276 "Identity of protection mode"; 1277 } 1279 identity oneplusone{ 1280 base protection-mode; 1281 description 1282 "In this scheme, the primary circuit will be 1283 protected by a backup circuit, typically meeting certain 1284 diverse path/fiber/site/node criteria. Both primary and 1285 protection circuits are provisioned to be in the active forwarding 1286 state. The subscriber may choose to send the same service frames 1287 across both circuits simultaneously."; 1288 } 1290 identity one2one{ 1291 base protection-mode; 1292 description 1293 "In this scheme, a backup circuit to the primary 1294 circuit is provisioned. Depending on the implementation 1295 agreement, the protection circuits may either always be in active 1296 forwarding state, or may only become active when a faulty state is 1297 detected on the primary circuit."; 1298 } 1300 identity eth-inf-type { 1301 description 1302 "Identity of Ethernet Interface Type"; 1303 } 1305 identity phy-inf { 1306 base eth-inf-type; 1307 description 1308 "Identity of Physical Interface type"; 1309 } 1311 identity lag-inf { 1312 base eth-inf-type; 1313 description 1314 "Identity of LAG Interface type"; 1315 } 1317 identity bw-type { 1318 description 1319 "Identity of bandwidth"; 1320 } 1321 identity bw-per-cos { 1322 base bw-type; 1323 description 1324 "Bandwidth is per cos"; 1325 } 1326 identity bw-per-port { 1327 base bw-type; 1328 description 1329 "Bandwidth is per site network access"; 1330 } 1332 identity opaque { 1333 base bw-type; 1334 description 1335 "Opaque"; 1336 } 1337 identity site-type { 1338 description 1339 "Identity of site type."; 1340 } 1341 identity uni { 1342 base site-type; 1343 description 1344 "Identity of User Network Interface "; 1345 } 1346 identity enni { 1347 base site-type; 1348 description 1349 "Identity of External Network to Network Interface"; 1351 } 1352 identity service-type { 1353 description 1354 "Base Identity of service type."; 1355 } 1356 identity vpws { 1357 base service-type; 1358 description 1359 " point-to-point Virtual Private Wire Services(VPWS) type."; 1360 } 1361 identity pwe3 { 1362 base service-type; 1363 description 1364 " Pseudo-Wire Emulation Edge to 1365 Edge(PWE3)Service type. ."; 1366 } 1367 identity ldp-l2tp-vpls { 1368 base service-type; 1369 description 1370 "LDP based or L2TP based multipoint Virtual Private LAN services (VPLS) Service Type. 1371 This VPLS uses LDP-signaled Pseudowires or L2TP signaled Pseudowires."; 1372 } 1374 identity bgp-vpls { 1375 base service-type; 1376 description 1377 "BGP based multipoint Virtual Private LAN services (VPLS) Service Type. 1378 This VPLS uses a Border Gateway Protocol (BGP) control plane as 1379 described in RFC4761 and RFC6624."; 1380 } 1381 identity vpws-evpn { 1382 base service-type; 1383 description 1384 "VPWS Service Type using Ethernet VPN(EVPN) specified in RFC 7432."; 1385 } 1386 identity pbb-evpn { 1387 base service-type; 1388 description 1389 "PBB Service Type using Ethernet VPN(EVPN) specified in RFC 7432."; 1390 } 1391 identity bundling-type { 1392 description 1393 "This is base identity for Bundling type. It supports 1394 multiple CE-VLAN associated with L2VPN service or all CE-VLANs 1395 associated with L2VPN service."; 1396 } 1397 identity multi-svc-bundling { 1398 base bundling-type; 1399 description 1400 "Identity for multiple service bundling,i.e., 1401 multiple CE-VLAN IDs can be associated with an 1402 L2VPN Service at site."; 1403 } 1404 identity one2one-bundling { 1405 base bundling-type; 1406 description 1407 "Identity for one to one service bundling,i.e., 1408 Each L2VPN can be associated with only one CE-VLAN IDs 1409 at site."; 1410 } 1411 identity all2one-Bundling { 1412 base bundling-type; 1413 description 1414 "Identity for all to one bundling,i.e.,all CE-VLAN IDs 1415 are mapped to one L2VPN Service"; 1416 } 1417 identity color-id { 1418 description 1419 "base identity of color id"; 1420 } 1422 identity color-id--cvlan { 1423 base color-id; 1424 description 1425 "Identity of color id base on CVLAN "; 1426 } 1427 identity cos-id { 1428 description 1429 "Identity of class of service id"; 1430 } 1432 identity cos-id-pcp { 1433 base cos-id; 1434 description 1436 "Identity of cos id based on PCP"; 1437 } 1438 identity cos-id--dscp { 1439 base cos-id; 1440 description 1441 "Identity of cos id based on DSCP"; 1442 } 1443 identity color-type { 1444 description 1445 "Identity of color types"; 1446 } 1447 identity green { 1448 base color-type; 1449 description 1450 "Identity of green type"; 1451 } 1452 identity yellow { 1453 base color-type; 1454 description 1455 "Identity of yellow type"; 1456 } 1457 identity red { 1458 base color-type; 1459 description 1460 "Identity of red type"; 1461 } 1462 identity perf-tier-opt { 1463 description 1464 "Identity of performance tier option."; 1465 } 1466 identity metro { 1467 base perf-tier-opt; 1468 description 1469 "Identity of metro"; 1470 } 1471 identity regional { 1472 base perf-tier-opt; 1473 description 1474 "Identity of regional"; 1475 } 1476 identity continental { 1477 base perf-tier-opt; 1478 description 1479 "Identity of continental"; 1480 } 1481 identity global { 1482 base perf-tier-opt; 1483 description 1484 "Identity of global"; 1485 } 1487 identity policing { 1488 description 1489 "Identity of policing type"; 1490 } 1491 identity one-rate-two-color { 1492 base policing; 1493 description 1494 "Identity of one-rate, two-color (1R2C)"; 1495 } 1496 identity two-rate-three-color { 1497 base policing; 1498 description 1499 "Identity of two-rate, three-color (2R3C)"; 1500 } 1501 identity bum-type { 1502 description 1503 "Identity of BUM type"; 1504 } 1505 identity broadcast { 1506 base bum-type; 1507 description 1508 "Identity of broadcast"; 1509 } 1510 identity unicast { 1511 base bum-type; 1512 description 1513 "Identity of unicast"; 1514 } 1516 identity multicast { 1517 base bum-type; 1518 description 1519 "Identity of multicast"; 1520 } 1521 identity loop-prevention-type{ 1522 description 1523 "Identity of loop prevention"; 1524 } 1525 identity shut { 1526 base loop-prevention-type; 1527 description 1528 "Identity of shut protection"; 1529 } 1530 identity trap { 1531 base loop-prevention-type; 1532 description 1533 "Identity of trap protection"; 1534 } 1535 identity lacp-state { 1536 description 1537 "Identity of LACP state"; 1538 } 1539 identity lacp-on { 1540 base lacp-state; 1541 description 1542 "Identity of LCAP on"; 1543 } 1544 identity lacp-off { 1545 base lacp-state; 1546 description 1547 "Identity of LACP off"; 1549 } 1550 identity lacp-mode { 1551 description 1552 "Identity of LACP mode"; 1553 } 1554 identity lacp-passive { 1555 base lacp-mode; 1556 description 1557 "Identity of LACP passive"; 1558 } 1559 identity lacp-active { 1560 base lacp-mode; 1561 description 1562 "Identity of LACP active"; 1563 } 1564 identity lacp-speed { 1565 description 1566 "Identity of LACP speed"; 1567 } 1568 identity lacp-fast { 1569 base lacp-speed; 1570 description 1571 "Identity of LACP fast"; 1572 } 1573 identity lacp-slow { 1574 base lacp-speed; 1575 description 1576 "Identity of LACP slow"; 1577 } 1578 identity vpn-signaling-type { 1579 description 1580 "Identity of VPN signaling types"; 1581 } 1582 identity l2vpn-bgp { 1583 base vpn-signaling-type; 1584 description 1585 "Identity of l2vpn-bgp"; 1586 } 1587 identity evpn-bgp { 1588 base vpn-signaling-type; 1589 description 1590 "Identity of evpn-bgp"; 1591 } 1593 identity t-ldp { 1594 base vpn-signaling-type; 1595 description 1596 "Identity of t-ldp."; 1597 } 1598 identity l2tp { 1599 base vpn-signaling-type; 1600 description 1601 "Identity of l2tp."; 1602 } 1604 identity t-ldp-pwe-type{ 1605 description 1606 "Identity for t-ldp-pwe-type."; 1607 } 1609 identity vpws-type { 1610 base t-ldp-pwe-type; 1611 description 1612 "Identity for VPWS"; 1613 } 1615 identity vpls-type{ 1616 base t-ldp-pwe-type; 1617 description 1618 "Identity for vpls"; 1619 } 1621 identity h-vpls{ 1622 base t-ldp-pwe-type; 1623 description 1624 "Identity for h-vpls"; 1625 } 1627 identity l2vpn-type { 1628 description 1629 "Layer 2 VPN types"; 1630 } 1631 identity l2vpn-vpws { 1632 base l2vpn-type; 1633 description 1634 "VPWS L2VPN type."; 1635 } 1636 identity l2vpn-vpls { 1637 base l2vpn-type; 1638 description 1639 "VPLS L2VPN type."; 1640 } 1641 identity distribute-vpls { 1642 base l2vpn-type; 1643 description 1644 "distribute VPLS L2VPN type."; 1645 } 1647 identity evpn-type { 1648 description 1649 "Ethernet VPN types"; 1650 } 1651 identity evpn-vpws { 1652 base evpn-type; 1653 description 1654 "VPWS support in EVPN."; 1655 } 1656 identity evpn-pbb { 1657 base evpn-type; 1658 description 1659 " Provider Backbone Bridging Support in EVPN."; 1660 } 1662 identity management { 1663 description 1664 "Base identity for site management scheme."; 1665 } 1666 identity co-managed { 1667 base management; 1668 description 1669 "Base identity for co-managed site."; 1670 } 1671 identity customer-managed { 1672 base management; 1673 description 1674 "Base identity for customer managed site."; 1675 } 1677 identity provider-managed { 1678 base management; 1679 description 1680 "Base identity for provider managed site."; 1681 } 1682 identity address-family { 1683 description 1684 "Base identity for an address family."; 1685 } 1686 identity ipv4 { 1687 base address-family; 1688 description 1689 "Identity for IPv4 address family."; 1690 } 1691 identity ipv6 { 1692 base address-family; 1693 description 1694 "Identity for IPv6 address family."; 1695 } 1697 identity vpn-topology { 1698 description 1699 "Base identity for VPN topology."; 1700 } 1701 identity any-to-any { 1702 base vpn-topology; 1703 description 1704 "Identity for any to any VPN topology."; 1705 } 1706 identity hub-spoke { 1707 base vpn-topology; 1708 description 1709 "Identity for Hub'n'Spoke VPN topology."; 1711 } 1712 identity hub-spoke-disjoint { 1713 base vpn-topology; 1714 description 1715 "Identity for Hub'n'Spoke VPN topology 1716 where Hubs cannot talk between each other."; 1717 } 1718 identity site-role { 1719 description 1720 "Base identity for site type."; 1721 } 1722 identity any-to-any-role { 1723 base site-role; 1724 description 1725 "Site in an any to any IPVPN."; 1726 } 1727 identity spoke-role { 1728 base site-role; 1729 description 1730 "Spoke Site in a Hub and Spoke IPVPN."; 1731 } 1732 identity hub-role { 1733 base site-role; 1734 description 1735 "Hub Site in a Hub and Spoke IPVPN."; 1736 } 1737 identity pm-type { 1738 description 1739 "Performance monitor type"; 1740 } 1741 identity loss { 1742 base pm-type; 1743 description 1744 "Loss measurement"; 1745 } 1746 identity delay { 1747 base pm-type; 1748 description 1749 "Delay measurement"; 1750 } 1751 identity fault-alarm-defect-type { 1752 description 1753 "Indicating the alarm priority defect"; 1754 } 1755 identity remote-rdi { 1756 base fault-alarm-defect-type; 1757 description 1758 "Indicates the aggregate health of the remote MEPs."; 1759 } 1760 identity remote-mac-error { 1761 base fault-alarm-defect-type; 1762 description 1763 "Indicates that one or more of the remote MEPs is 1764 reporting a failure in its Port Status TLV or 1765 Interface Status TLV."; 1766 } 1767 identity remote-invalid-ccm { 1768 base fault-alarm-defect-type; 1769 description 1770 "Indicates that at least one of the Remote MEP 1771 state machines is not receiving valid CCMs 1772 from its remote MEP."; 1773 } 1774 identity invalid-ccm { 1775 base fault-alarm-defect-type; 1776 description 1777 "Indicates that one or more invalid CCMs has been 1778 received and that 3.5 times that CCMs transmission 1779 interval has not yet expired."; 1780 } 1781 identity cross-connect-ccm { 1782 base fault-alarm-defect-type; 1783 description 1785 "Indicates that one or more cross connect CCMs has been 1786 received and that 3.5 times of at least one of those 1787 CCMs transmission interval has not yet expired."; 1788 } 1789 identity frame-delivery-mode { 1790 description 1791 "Delivery types"; 1792 } 1793 identity discard { 1794 base frame-delivery-mode; 1795 description 1796 "Service Frames are discarded."; 1797 } 1798 identity unconditional { 1799 base frame-delivery-mode; 1800 description 1801 "Service Frames are unconditionally 1802 delivered to the destination site."; 1803 } 1805 identity unknown-discard { 1806 base frame-delivery-mode; 1807 description 1808 "Service Frame are conditionally 1809 delivered to the destination site and 1810 the packet with unknown destination address 1811 will be discarded."; 1812 } 1813 identity pw-topo-type { 1814 description 1815 "base identity for pw topology Type"; 1816 } 1817 identity point-to-point { 1818 base pw-topo-type; 1819 description 1820 "identity for Point to Point."; 1821 } 1822 identity multipoint-to-point { 1823 base pw-topo-type; 1824 description 1825 "identity for Multipoint to point."; 1826 } 1827 identity point-to-multipoint { 1828 base pw-topo-type; 1829 description 1830 "Identity for point to Multipoint."; 1831 } 1832 identity placement-diversity { 1833 description 1834 "Base identity for site placement 1835 constraints"; 1836 } 1837 identity bearer-diverse { 1838 base placement-diversity; 1839 description 1840 "Identity for bearer diversity. 1841 The bearers should not use common elements."; 1842 } 1843 identity pe-diverse { 1844 base placement-diversity; 1845 description 1846 "Identity for PE diversity"; 1847 } 1848 identity pop-diverse { 1849 base placement-diversity; 1850 description 1851 "Identity for POP diversity"; 1853 } 1854 identity linecard-diverse { 1855 base placement-diversity; 1856 description 1857 "Identity for linecard diversity"; 1858 } 1859 identity same-pe { 1860 base placement-diversity; 1861 description 1862 "Identity for having sites connected 1863 on the same PE"; 1864 } 1865 identity same-bearer { 1866 base placement-diversity; 1867 description 1868 "Identity for having sites connected 1869 using the same bearer"; 1870 } 1871 identity l2-access-type { 1872 description 1873 "This identify the access type 1874 of the vpn acccess interface"; 1875 } 1876 identity untag { 1877 base l2-access-type; 1878 description 1879 "Untag"; 1880 } 1881 identity port { 1882 base l2-access-type; 1883 description 1884 "Port"; 1885 } 1886 identity dot1q { 1887 base l2-access-type; 1888 description 1889 "Qot1q"; 1890 } 1891 identity qinq { 1892 base l2-access-type; 1893 description 1894 "QinQ"; 1895 } 1896 identity sub-interface { 1897 base l2-access-type; 1898 description 1899 "Create a default sub-interface and keep vlan."; 1900 } 1901 identity atm { 1902 base l2-access-type; 1903 description 1904 "ATM Cell."; 1905 } 1906 identity vxlan { 1907 base l2-access-type; 1908 description 1909 "Vxlan access into the vpn"; 1910 } 1911 identity provision-model { 1912 description 1913 "base identity for provision model."; 1914 } 1915 identity single-side-provision { 1916 description 1917 "Identity for single side provisioning with discovery."; 1918 } 1919 identity doubled-side-provision { 1920 description 1921 "Identity for double signle provisioning."; 1922 } 1923 identity mac-learning-mode { 1924 description 1925 "MAC learning mode"; 1926 } 1927 identity data-plane { 1928 base mac-learning-mode; 1929 description 1930 "User MAC addresses are learned through ARP broadcast."; 1931 } 1932 identity control-plane { 1933 base mac-learning-mode; 1934 description 1935 "User MAC addresses are advertised through EVPN-BGP"; 1936 } 1937 identity vpn-policy-filter-type { 1938 description 1939 "Base identity for filter type."; 1940 } 1941 identity lan { 1942 base vpn-policy-filter-type; 1943 description 1944 "Identity for lan tag filter type."; 1945 } 1946 identity mac-action { 1947 description 1948 "Base identity for MAC action."; 1949 } 1950 identity drop { 1951 base mac-action; 1952 description 1953 "Identity for packet drop."; 1954 } 1956 identity flood { 1957 base mac-action; 1958 description 1959 "Identity for packet flooding."; 1960 } 1961 identity warning { 1962 base mac-action; 1963 description 1964 "Identity for sending a warning log message."; 1965 } 1966 identity load-balance-method { 1967 description 1968 "Base identity for load balance method."; 1969 } 1970 identity fat-pw { 1971 base load-balance-method; 1972 description 1973 "Identity for Fat PW. Fat label is 1974 applied to Pseudowires across MPLS 1975 network."; 1976 } 1977 identity entropy-label { 1978 base load-balance-method; 1979 description 1980 "Identity for entropy label.Entropy label 1981 is applied to IP forwarding, 1982 L2VPN or L3VPN across MPLS network"; 1983 } 1984 identity vxlan-source-port { 1985 base load-balance-method; 1986 description 1987 "Identity for vxlan source port.VxLAN 1988 Source Port is one load balancing method."; 1989 } 1990 identity qos-profile-direction { 1991 description 1992 "Base identity for qos profile direction."; 1993 } 1994 identity site-to-wan { 1995 base qos-profile-direction; 1996 description 1997 "Identity for Site to WAN direction."; 1998 } 1999 identity wan-to-site { 2000 base qos-profile-direction; 2001 description 2002 "Identity for WAN to Site direction."; 2003 } 2004 identity bidirectional { 2005 base qos-profile-direction; 2006 description 2007 "Identity for both WAN to Site direction and Site to WAN direction."; 2008 } 2009 identity vxlan-peer-mode { 2010 description 2011 "Base identity for vxlan peer mode."; 2012 } 2013 identity static-mode { 2014 base vxlan-peer-mode; 2015 description 2016 "Identity for the vxlan access in static mode."; 2017 } 2018 identity bgp-mode { 2019 base vxlan-peer-mode; 2020 description 2021 "Identity for the vxlan access by bgp evpn learning."; 2022 } 2023 identity customer-application { 2024 description 2025 "Base identity for customer application."; 2026 } 2027 identity web { 2028 base customer-application; 2029 description 2030 "Identity for Web application (e.g., HTTP, HTTPS)."; 2031 } 2032 identity mail { 2033 base customer-application; 2034 description 2035 "Identity for mail application."; 2036 } 2037 identity file-transfer { 2038 base customer-application; 2039 description 2040 "Identity for file transfer application (e.g., FTP, SFTP)."; 2041 } 2042 identity database { 2043 base customer-application; 2044 description 2045 "Identity for database application."; 2046 } 2047 identity social { 2048 base customer-application; 2049 description 2050 "Identity for social-network application."; 2051 } 2052 identity games { 2053 base customer-application; 2054 description 2055 "Identity for gaming application."; 2056 } 2057 identity p2p { 2058 base customer-application; 2059 description 2060 "Identity for peer-to-peer application."; 2061 } 2062 identity network-management { 2063 base customer-application; 2064 description 2065 "Identity for management application 2066 (e.g., Telnet, syslog, SNMP)."; 2067 } 2068 identity voice { 2069 base customer-application; 2070 description 2071 "Identity for voice application."; 2072 } 2073 identity video { 2074 base customer-application; 2075 description 2076 "Identity for video conference application."; 2077 } 2078 identity embb { 2079 base customer-application; 2080 description 2081 "Identity for enhanced Mobile Broadband(eMBB) 2082 application. Note that eMBB application demands 2083 the network performance with wide variety of 2084 characteristics such as data rate, latency, 2085 loss rate, reliability and many other parameters."; 2086 } 2087 identity urllc { 2088 base customer-application; 2089 description 2090 "Identity for Ultra-Reliable and Low Latency 2091 Communications (URLLC) application. Note that 2092 URLLC application demands the network performance 2093 with wide variety of characteristics such as latency, 2094 reliability and many other parameters."; 2095 } 2096 identity mmtc { 2097 base customer-application; 2098 description 2099 "Identity for massive Machine Type 2100 Communications (mMTC) application. Note that 2101 mMTC application demands the network performance 2102 with wide variety of characteristics such as data 2103 rate, latency, loss rate, reliability and many 2104 other parameters."; 2105 } 2106 identity precedence-type { 2107 description 2108 "Redundancy type. The service can be created 2109 with active and bakcup signalization."; 2111 } 2112 identity primary { 2113 base precedence-type; 2114 description 2115 "Identifies the Main L2VPN."; 2116 } 2117 identity backup { 2118 base precedence-type; 2119 description 2120 "Identifies the Backup L2VPN."; 2121 } 2122 /* Groupings */ 2124 grouping vpn-route-targets { 2125 description 2126 "A grouping that specifies Route Target import-export rules 2127 used in a BGP-enabled VPN."; 2128 list vpn-target { 2129 key "id"; 2130 leaf id { 2131 type int8; 2132 description 2133 "Identifies each VPN Target"; 2134 } 2135 list route-targets { 2136 key "route-target"; 2137 leaf route-target { 2138 type rt-types:route-target; 2139 description 2140 "Route Target value"; 2141 } 2142 description 2143 "List of Route Targets."; 2144 } 2145 leaf route-target-type { 2146 type rt-types:route-target-type; 2147 mandatory true; 2148 description 2149 "Import/export type of the Route Target."; 2150 } 2151 description 2152 "l3vpn route targets. AND/OR Operations are available 2153 based on the RTs assigment"; 2154 } 2155 reference 2156 "RFC4364: BGP/MPLS IP Virtual Private Networks (VPNs) 2157 RFC4664: Framework for Layer 2 Virtual Private Networks 2158 (L2VPNs)"; 2159 container vpn-policies { 2160 description 2161 ""; 2162 leaf import-policy { 2163 type string; 2164 description 2165 "Reference to a VRF import policy."; 2166 } 2167 leaf export-policy { 2168 type string; 2169 description 2170 "Reference to a VRF export policy."; 2171 } 2172 } 2173 } 2175 grouping svc-transport-encapsulation { 2176 container transport-encapsulation { 2177 leaf protocol { 2178 type protocols-type; 2179 description 2180 "Protocols used to support transport"; 2181 } 2182 description 2183 ""; 2184 } 2185 description 2186 ""; 2187 } 2189 grouping split-horizon-group { 2190 container split-horizon { 2191 leaf group-name { 2192 type string; 2193 description 2194 "group-name of the Split Horizon"; 2195 } 2196 description 2197 "Configuration with split horizon enabled"; 2198 } 2199 description 2200 "Configuration with split horizon enabled"; 2201 } 2203 grouping site-bearer-params { 2204 container site-bearers { 2205 leaf bearer-id { 2206 type string; 2207 description 2208 "Unique identifier for a bearer. This 2209 identifies shall be mapped to the bearer-reference 2210 on a vpn-network-access."; 2211 } 2212 description 2213 "Container that encloses all the bearers 2214 connected to a site. A bearer is mapped one to one 2215 to a port on the PE router."; 2216 } 2217 description 2218 "Container that encloses all the bearers 2219 connected to a site. A bearer is mapped one to one 2220 to a port on the PE router."; 2221 } 2223 grouping svc-precedence { 2224 container svc-precedence { 2225 leaf precedence{ 2226 type identityref { 2227 base precedence-type; 2228 } 2229 description 2230 "Defining service redundancy in transport 2231 network."; 2232 } 2233 description 2234 "Transport netowrk precedence selector 2235 Primary or Secondary tunnel."; 2236 } 2237 description 2238 "Transport netowrk precedence selector 2239 Primary or Secondary tunnel."; 2240 } 2242 grouping vpn-service-cloud-access { 2243 container cloud-accesses { 2244 if-feature cloud-access; 2245 list cloud-access { 2246 key cloud-identifier; 2247 leaf cloud-identifier { 2248 type string; 2249 description 2250 "Identification of cloud service. Local 2251 admin meaning."; 2252 } 2253 choice list-flavor { 2255 case permit-any { 2256 leaf permit-any { 2257 type empty; 2258 description 2259 "Allow all sites."; 2260 } 2261 } 2262 case deny-any-except { 2263 leaf-list permit-site { 2264 type leafref { 2265 path "/l2vpn-ntw/sites/site/site-id"; 2266 } 2267 description 2268 "Site ID to be authorized."; 2269 } 2270 } 2271 case permit-any-except { 2272 leaf-list deny-site { 2273 type leafref { 2274 path "/l2vpn-ntw/sites/site/site-id"; 2275 } 2276 description 2277 "Site ID to be denied."; 2278 } 2279 } 2281 description 2282 "Choice for cloud access policy."; 2283 } 2284 container authorized-sites { 2285 list authorized-site { 2286 key site-id; 2288 leaf site-id { 2289 type leafref { 2290 path "/l2vpn-ntw/sites/site/site-id"; 2291 } 2292 description 2293 "Site ID."; 2294 } 2295 description 2296 "List of authorized sites."; 2297 } 2298 description 2299 "Configuration of authorized sites."; 2300 } 2301 container denied-sites { 2302 list denied-site { 2303 key site-id; 2305 leaf site-id { 2306 type leafref { 2307 path "/l2vpn-ntw/sites/site/site-id"; 2308 } 2309 description 2310 "Site ID."; 2311 } 2312 description 2313 "List of denied sites."; 2314 } 2315 description 2316 "Configuration of denied sites."; 2317 } 2319 description 2320 "Cloud access configuration."; 2321 } 2322 description 2323 "Container for cloud access configurations"; 2324 } 2325 description 2326 "Grouping for vpn cloud definition"; 2327 } 2329 grouping site-device { 2330 container device { 2331 list devices { 2332 key "device-id"; 2333 leaf device-id { 2334 type string; 2335 description 2336 "Device ID"; 2337 } 2339 leaf location { 2340 type leafref { 2341 path "/l2vpn-ntw/sites/site/locations/location/location-id"; 2342 } 2343 description 2344 "Site name"; 2345 } 2346 container management { 2347 leaf address { 2348 type inet:ip-address; 2349 description 2350 "Address"; 2351 } 2352 leaf management-transport { 2353 type identityref { 2354 base address-family; 2355 } 2356 description 2357 "Transport protocol used for management."; 2358 } 2359 description 2360 "Container for management"; 2361 } 2362 description 2363 "List of devices"; 2364 } 2365 description 2366 "Devices configuration"; 2367 } 2368 description 2369 "Device parameters for the site."; 2370 } 2372 grouping site-management { 2373 container management { 2374 leaf type { 2375 type identityref { 2376 base management; 2377 } 2378 description 2379 "Management type of the connection."; 2380 } 2381 description 2382 "Container for management"; 2383 } 2384 description 2385 "Grouping for management"; 2386 } 2388 grouping site-vpn-policy { 2389 container vpn-policies { 2390 list vpn-policy { 2391 key vpn-policy-id; 2392 leaf vpn-policy-id { 2393 type string; 2394 description 2395 "Unique identifier for the VPN policy."; 2396 } 2397 list entries { 2398 key id; 2399 leaf id { 2400 type string; 2401 description 2402 "Unique identifier for the policy entry."; 2403 } 2405 container filters { 2406 list filter { 2407 key type; 2408 ordered-by user; 2409 leaf type { 2410 type identityref { 2411 base vpn-policy-filter-type; 2412 } 2413 description 2414 "Type of VPN Policy filter."; 2415 } 2416 /*leaf-list lan-tag { 2417 when "derived-from-or-self(../type, 'l2vpn-ntw:lan')" { 2418 description 2419 "Only applies when VPN Policy filter is LAN Tag filter."; 2420 } 2421 if-feature lan-tag; 2422 type uint32; 2423 description 2424 "List of Ethernet LAN Tag to be matched. Ethernet LAN Tag 2425 identifies a particular broadcast domain in a VPN. "; 2426 }*/ 2427 /*leaf-list ipv4-lan-prefix { 2428 when "derived-from-or-self(../type, 'l2vpn-ntw:ipv4')" { 2429 description 2430 "Only applies when VPN Policy filter is IPv4 Prefix filter."; 2431 } 2432 if-feature ipv4; 2433 type inet:ipv4-prefix; 2434 description 2435 "List of IPv4 prefixes as LAN Prefixes to be matched."; 2436 }*/ 2437 /*leaf-list ipv6-lan-prefix { 2438 when "derived-from-or-self(../type, 'l2vpn-ntw:ipv6')" { 2439 description 2440 "Only applies when VPN Policy filter is IPv6 Prefix filter."; 2441 } 2442 if-feature ipv6; 2443 type inet:ipv6-prefix; 2444 description 2445 "List of IPv6 prefixes as LAN prefixes to be matched."; 2446 }*/ 2447 description 2448 "List of filters used on the site. This list can 2449 be augmented."; 2450 } 2451 description 2452 "If a more-granular VPN attachment is necessary, filtering can 2453 be used. If used, it permits the splitting of site LANs among 2454 multiple VPNs.The Site LAN can be split based on either LAN-tag 2455 or LAN prefix. If no filter is used, all the LANs will be 2456 part of the same VPNs with the same role."; 2457 } 2459 list vpn { 2460 key vpn-id; 2461 leaf vpn-id { 2462 type leafref { 2463 path "/l2vpn-ntw/vpn-services/"+ 2464 "vpn-svc/vpn-id"; 2465 } 2466 mandatory true; 2467 description 2468 "Reference to an IP VPN."; 2469 } 2470 leaf site-role { 2471 type identityref { 2472 base site-role; 2473 } 2474 default any-to-any-role; 2475 description 2476 "Role of the site in the IP VPN."; 2477 } 2478 description 2479 "List of VPNs the LAN is associated with."; 2480 } 2481 description 2482 "List of entries for export policy."; 2483 } 2484 description 2485 "List of VPN policies."; 2486 } 2487 description 2488 "VPN policy."; 2489 } 2490 description 2491 "VPN policy parameters for the site."; 2492 } 2493 grouping bum-frame-delivery { 2494 container bum-frame-delivery-modes { 2495 list bum-frame-delivery { 2496 key traffic-type; 2497 leaf traffic-type { 2498 type identityref { 2499 base tf-type; 2500 } 2501 description 2502 "Type of frame delivery. It support unicast 2503 frame delivery, multicast frame delivery 2504 and broadcast frame delivery."; 2505 } 2506 leaf delivery-mode { 2507 type identityref { 2508 base frame-delivery-mode; 2509 } 2510 description 2511 " Define Frame Delivery Mode 2512 (unconditional[default], conditional, or discard)."; 2513 } 2514 description 2515 "List of frame delivery type and mode."; 2516 } 2517 description 2518 "Define frame delivery type and mode."; 2519 } 2520 description 2521 "Grouping for unicast, mulitcast, broadcast frame delivery"; 2522 } 2524 grouping cvlan-svc-map-grouping { 2525 list cvlan-id-to-svc-map { 2526 key "svc-id"; 2527 leaf svc-id { 2528 type leafref { 2529 path "/l2vpn-ntw/vpn-services/vpn-svc/vpn-id"; 2530 } 2531 description 2532 "VPN Service identifier"; 2533 } 2534 list cvlan-id { 2535 key vid; 2536 leaf vid { 2537 type uint32; 2538 description 2539 "CVLAN ID"; 2540 } 2541 description 2542 "List of CVLAN-ID to SVC Map configurations"; 2543 } 2544 description 2545 "List for cvlan-id to L2VPn Service map configurations"; 2546 } 2547 description 2548 "Grouping for cvlan to L2VPN service mapping"; 2549 } 2550 grouping customer-location-info { 2551 container locations { 2552 list location { 2553 key location-id; 2554 leaf location-id{ 2555 type string; 2556 description 2557 "Location ID"; 2558 } 2559 leaf address { 2560 type string; 2561 description 2562 "Address (number and street) of the site."; 2563 } 2564 leaf zip-code { 2565 type string; 2566 description 2567 "ZIP code of the site."; 2568 } 2569 leaf state { 2570 type string; 2571 description 2572 "State of the site. This leaf can also be used to 2573 describe a region for country who does not have 2574 states."; 2575 } 2576 leaf city { 2577 type string; 2578 description 2579 "City of the site."; 2580 } 2582 leaf country-code { 2583 type string; 2584 description 2585 "Country of the site."; 2586 } 2587 description 2588 "List for location"; 2589 } 2590 description 2591 "Location of the site."; 2592 } 2593 description 2594 "This grouping defines customer location parameters"; 2595 } 2597 grouping site-diversity { 2598 container site-diversity { 2599 if-feature site-diversity; 2600 container groups { 2601 list group { 2602 key group-id; 2603 leaf group-id { 2604 type string; 2605 description 2606 "Group-id the site is belonging to"; 2607 } 2608 description 2609 "List of group-id"; 2610 } 2611 description 2612 "Groups the site is belonging to. 2613 All site network accesses will inherit those group 2614 values."; 2615 } 2616 description 2617 "Diversity constraint type."; 2618 } 2619 description 2620 "This grouping defines site diversity parameters"; 2621 } 2623 grouping site-service { 2624 description 2625 "This grouping defines site service parameters"; 2626 } 2628 grouping vpn-service-multicast { 2629 container multicast-like { 2630 if-feature multicast-like; 2631 leaf enabled { 2632 type boolean; 2633 default false; 2634 description 2635 "Enables multicast."; 2636 } 2637 container customer-tree-flavors { 2638 leaf-list tree-flavor { 2639 type identityref { 2640 base multicast-tree-type; 2641 } 2642 description 2643 "Type of tree to be used."; 2644 } 2645 description 2646 "Type of trees used by customer."; 2647 } 2648 /*leaf traffic-type { 2649 type identityref { 2650 base tf-type; 2651 } 2652 description 2653 "Traffic Type"; 2654 }*/ 2655 uses bum-frame-delivery; 2656 leaf multicast-gp-port-mapping { 2657 type identityref { 2658 base mapping-type; 2659 } 2660 description 2661 "Describe the way in which each interface is associated with the Multicast group"; 2662 } 2663 description 2664 "Multicast global parameters for the VPN service."; 2665 } 2666 description 2667 "Grouping for multicast VPN definition."; 2668 } 2669 grouping vpn-extranet { 2670 container extranet-vpns { 2671 if-feature extranet-vpn; 2672 list extranet-vpn { 2673 key vpn-id; 2675 leaf vpn-id { 2676 type svc-id; 2677 description 2678 "Identifies the target VPN."; 2679 } 2680 leaf local-sites-role { 2681 type identityref { 2682 base site-role; 2683 } 2684 default any-to-any-role; 2685 description 2686 "This describes the role of the 2687 local sites in the target VPN topology."; 2688 } 2689 description 2690 "List of extranet VPNs the local VPN is attached to."; 2691 } 2692 description 2693 "Container for extranet VPN configuration."; 2694 } 2695 description 2696 "Grouping for extranet VPN configuration. 2697 This provides an easy way to interconnect 2698 all sites from two VPNs."; 2699 } 2701 grouping signaling-options-grouping { 2702 list signaling-options { 2703 key "type"; 2704 leaf type { 2705 type identityref { 2706 base vpn-signaling-type; 2707 } 2708 description 2709 "VPN signaling types"; 2710 } 2711 container l2vpn-bgp { 2712 when "../type = 'l2vpn-bgp'" { 2713 description 2714 "Only applies when vpn signaling type is l2vpn BGP protocol."; 2715 } 2716 leaf vpn-id { 2717 type leafref{ 2718 path "/l2vpn-ntw/vpn-services/vpn-svc/vpn-id"; 2719 } 2720 description 2721 "Identifies the target VPN"; 2722 } 2723 leaf type { 2724 type identityref { 2725 base l2vpn-type; 2726 } 2727 description 2728 "L2VPN types"; 2729 } 2730 leaf pwe-encapsulation-type { 2731 type identityref { 2732 base pwe-encapsulation-type; 2734 } 2735 description 2736 "PWE Encapsulation Type"; 2737 } 2738 container pwe-mtu { 2739 leaf allow-mtu-mismatch { 2740 type boolean; 2741 description 2742 "Allow MTU mismatch"; 2743 } 2744 description 2745 "Container of PWE MTU configurations"; 2746 } 2747 leaf address-family { 2748 type identityref { 2749 base address-family; 2750 } 2751 description 2752 "Address family used for management."; 2753 } 2754 description 2755 "Container for MP BGP L2VPN"; 2756 } 2757 container evpn-bgp { 2758 when "../type = 'evpn-bgp'" { 2760 description 2761 "Only applies when vpn signaling type is EVPN BGP protocol."; 2762 } 2763 leaf vpn-id { 2764 type leafref{ 2765 path "/l2vpn-ntw/vpn-services/vpn-svc/vpn-id"; 2766 } 2767 description 2768 "Identifies the target EVPN"; 2769 } 2770 leaf type { 2771 type identityref { 2772 base evpn-type; 2773 } 2774 description 2775 "L2VPN types"; 2776 } 2777 leaf address-family { 2778 type identityref { 2779 base address-family; 2780 } 2781 description 2782 "Address family used for management."; 2783 } 2784 leaf mac-learning-mode { 2785 type identityref { 2786 base mac-learning-mode; 2787 } 2788 description 2789 "Indicates through which plane MAC addresses are 2790 advertised."; 2791 } 2792 leaf arp-suppress { 2793 type boolean; 2794 default false; 2795 description 2796 "Indicates whether to suppress ARP broadcast."; 2797 } 2798 description 2799 "Container for MP BGP L2VPN"; 2800 } 2801 container t-ldp-pwe { 2802 when "../type = 't-ldp'" { 2803 description 2804 "Only applies when vpn signaling type is Target LDP."; 2805 } 2806 leaf type { 2807 type identityref { 2808 base t-ldp-pwe-type; 2809 } 2810 description 2811 "T-LDP PWE type"; 2812 } 2813 leaf pwe-encapsulation-type { 2814 type identityref { 2815 base pwe-encapsulation-type; 2816 } 2817 description 2818 "PWE Encapsulation Type."; 2819 } 2820 leaf control-word { 2821 type boolean; 2822 description 2823 "Control word configurations"; 2824 } 2825 container pwe-mtu { 2826 leaf allow-mtu-mismatch { 2827 type boolean; 2828 description 2829 "Allow MTU mismatch"; 2831 } 2832 description 2833 "Container of PWE MTU configurations"; 2834 } 2835 leaf provision-mode { 2836 type identityref { 2837 base provision-model; 2838 } 2839 description 2840 "provision-models. It support Double-Sided Provisioning 2841 model or single-side provisioning model."; 2842 } 2843 list ac-pw-list { 2844 key "peer-addr vc-id"; 2845 leaf peer-addr { 2846 type inet:ip-address; 2847 description 2848 "Peer IP address."; 2849 } 2850 leaf vc-id { 2851 type string; 2852 description 2853 "VC lable used to identify PW."; 2854 } 2855 /*leaf ac-group-id { 2856 type leafref{ 2857 path "../../../../../vpn-network-accesses/vpn-network-access/"+ 2858 "access-diversity/groups/group/group-id"; 2859 } 2860 description 2861 "Reference to Network Access Group ID."; 2862 }*/ 2863 leaf pw-type { 2864 type identityref { 2865 base pw-topo-type; 2866 } 2867 description 2868 "PW topology type"; 2869 } 2870 leaf pw-priority { 2871 type uint32; 2872 description 2873 "Defines the priority for the PW. 2874 The higher the pw-priority value, 2875 the higher the preference of the PW will be."; 2876 } 2877 description 2878 "List of AC and PW bindings."; 2880 } 2881 container qinq { 2882 when "../type = 'h-vpls'" { 2883 description 2884 "Only applies when t-ldp pwe type is h-vpls."; 2885 } 2886 leaf s-tag { 2887 type uint32; 2888 description 2889 "S-TAG"; 2890 } 2891 leaf c-tag { 2892 type uint32; 2893 description 2894 "C-TAG"; 2895 } 2896 description 2897 "Container for QinQ"; 2898 } 2899 description 2900 "Container of T-LDP PWE configurations"; 2901 } 2902 container l2tp-pwe { 2903 when "../type = 'l2tp'" { 2904 description 2905 "Only applies when vpn signaling type is L2TP protocol."; 2906 } 2907 leaf type { 2908 type identityref { 2909 base t-ldp-pwe-type; 2910 } 2911 description 2912 "T-LDP PWE type"; 2913 } 2914 leaf encapsulation-type { 2915 type identityref { 2916 base encapsulation-type; 2917 } 2918 description 2919 "Encapsulation type"; 2920 } 2921 leaf control-word { 2922 type boolean; 2923 description 2924 "Control word configurations"; 2925 } 2926 list ac-pw-list { 2927 key "peer-addr vc-id"; 2928 leaf peer-addr { 2929 type inet:ip-address; 2930 description 2931 "Peer IP address."; 2932 } 2933 leaf vc-id { 2934 type string; 2935 description 2936 "VC lable used to identify PW."; 2937 } 2938 /* 2939 leaf ac-group-id { 2940 type leafref{ 2941 path "../../../../../"+ 2942 "vpn-network-accesses/vpn-network-access/"+ 2943 "access-diversity/groups/group/group-id"; 2944 } 2945 description 2946 "Reference to Network Access Group ID."; 2947 } 2948 */ 2949 leaf pw-type { 2950 type identityref { 2951 base pw-topo-type; 2952 } 2953 description 2954 "PW topology type"; 2955 } 2956 leaf pw-priority { 2957 type uint32; 2958 description 2959 "PW priority"; 2960 } 2961 description 2962 "List of AC and PW bindings."; 2963 } 2964 description 2965 "Container for l2tp pw"; 2966 } 2967 description 2968 "List of VPN Signaling Option."; 2969 } 2970 description 2971 "Grouping for signaling option"; 2972 } 2973 /* 2974 grouping load-balance-grouping { 2975 leaf enable { 2976 type boolean; 2977 description 2978 "Enable load balancing"; 2979 } 2980 leaf load-balance-method { 2981 type identityref { 2982 base load-balance-method; 2984 } 2985 description 2986 "select load balancing method such as 2987 fat-pw, entropy-label, or 2988 vxlan-source-udp-port."; 2989 } 2990 description 2991 "Grouping for load balance "; 2992 } 2993 */ 2994 grouping operational-requirements-ops { 2995 leaf actual-site-start { 2996 type yang:date-and-time; 2997 config false; 2998 description 2999 "Optional leaf indicating actual date 3000 and time when the service at a particular 3001 site actually started"; 3002 } 3003 leaf actual-site-stop { 3004 type yang:date-and-time; 3005 config false; 3006 description 3007 "Optional leaf indicating actual date 3008 and time when the service at a particular 3009 site actually stopped"; 3010 } 3011 leaf bundling-type { 3012 type identityref { 3013 base bundling-type; 3014 } 3015 description 3016 "Bundling type"; 3017 } 3018 leaf default-ce-vlan-id { 3019 type uint32; 3020 description 3021 "Default CE VLAN ID set at site level."; 3022 } 3023 description 3024 "This grouping defines some operational parameters 3025 parameters"; 3026 } 3028 grouping cfm-802-grouping { 3029 leaf maid { 3030 type string; 3031 description 3032 "MA ID"; 3033 } 3034 leaf mep-id { 3035 type uint32; 3036 description 3037 "Local MEP ID"; 3038 } 3039 leaf mep-level { 3040 type uint32; 3041 description 3042 "MEP level"; 3043 } 3044 leaf mep-up-down { 3045 type enumeration { 3046 enum up { 3047 description 3048 "MEP up"; 3049 } 3050 enum down { 3051 description 3052 "MEP down"; 3053 } 3054 } 3055 description 3056 "MEP up/down"; 3057 } 3058 leaf remote-mep-id { 3059 type uint32; 3060 description 3061 "Remote MEP ID"; 3062 } 3063 leaf cos-for-cfm-pdus { 3064 type uint32; 3065 description 3066 "COS for CFM PDUs"; 3067 } 3068 leaf ccm-interval { 3069 type uint32; 3070 description 3071 "CCM interval"; 3072 } 3073 leaf ccm-holdtime { 3074 type uint32; 3075 description 3076 "CCM hold time"; 3077 } 3078 leaf alarm-priority-defect { 3079 type identityref { 3080 base fault-alarm-defect-type; 3081 } 3082 description 3083 "The lowest priority defect that is 3084 allowed to generate a Fault Alarm. 3085 The non-existence of this leaf means 3086 that no defects are to be reported"; 3087 } 3088 leaf ccm-p-bits-pri { 3089 type ccm-priority-type; 3090 description 3091 "The priority parameter for CCMs transmitted by the MEP"; 3092 } 3093 description 3094 "Grouping for 802.1ag CFM attribute"; 3095 } 3097 grouping y-1731 { 3098 list y-1731 { 3099 key maid; 3100 leaf maid { 3101 type string; 3102 description 3103 "MA ID "; 3104 } 3105 leaf mep-id { 3106 type uint32; 3107 description 3108 "Local MEP ID"; 3109 } 3111 leaf type { 3112 type identityref { 3113 base pm-type; 3114 } 3116 description 3117 "Performance monitor types"; 3118 } 3119 leaf remote-mep-id { 3120 type uint32; 3121 description 3122 "Remote MEP ID"; 3123 } 3124 leaf message-period { 3125 type uint32; 3126 description 3127 "Defines the interval between OAM messages. The message 3128 period is expressed in milliseconds"; 3129 } 3130 leaf measurement-interval { 3131 type uint32; 3132 description 3133 "Specifies the measurement interval for statistics. The 3134 measurement interval is expressed in seconds"; 3135 } 3136 leaf cos { 3137 type uint32; 3138 description 3139 "Class of service"; 3140 } 3141 leaf loss-measurement { 3142 type boolean; 3143 description 3144 "Whether enable loss measurement"; 3145 } 3147 leaf synthethic-loss-measurement { 3148 type boolean; 3149 description 3150 "Indicate whether enable synthetic loss measurement"; 3151 } 3152 container delay-measurement { 3153 leaf enable-dm { 3154 type boolean; 3155 description 3156 "Whether to enable delay measurement"; 3157 } 3158 leaf two-way { 3159 type boolean; 3160 description 3162 "Whether delay measurement is two-way (true) of one- 3163 way (false)"; 3164 } 3165 description 3166 "Container for delay measurement"; 3167 } 3168 leaf frame-size { 3169 type uint32; 3170 description 3171 "Frame size"; 3172 } 3173 leaf session-type { 3174 type enumeration { 3175 enum proactive { 3176 description 3177 "Proactive mode"; 3178 } 3179 enum on-demand { 3180 description 3181 "On demand mode"; 3182 } 3183 } 3184 description 3185 "Session type"; 3186 } 3187 description 3188 "List for y-1731."; 3189 } 3190 description 3191 "Grouping for y.1731"; 3192 } 3194 grouping enni-site-info-grouping { 3195 container site-info { 3196 leaf site-name { 3197 type string; 3198 description 3199 "Site name"; 3200 } 3201 leaf address { 3202 type inet:ip-address; 3203 description 3204 "Address"; 3205 } 3206 leaf Edge-Gateway-Device-Info { 3207 type string; 3208 description 3209 "Edge Gateway Device Info "; 3210 } 3211 description 3212 "Container of site info configurations"; 3213 } 3214 description 3215 "Grouping for site information"; 3216 } 3218 /*grouping site-security { 3219 container security { 3220 uses mac-loop-prevention-grouping; 3221 container access-control-list { 3222 list mac { 3223 key "mac-address"; 3224 leaf mac-address { 3225 type yang:mac-address; 3226 description 3227 "MAC address"; 3228 } 3229 description 3230 "List for MAC"; 3231 } 3232 description 3233 "Container for access control"; 3234 } 3235 uses mac-addr-limit-grouping; 3236 uses cvlan-svc-map-grouping; 3237 description 3238 "Security parameters"; 3239 } 3240 description 3241 "This grouping defines security parameters for a site"; 3242 }*/ 3243 grouping acl-grouping { 3244 container access-control-list { 3245 list mac { 3246 key "mac-address"; 3247 leaf mac-address { 3248 type yang:mac-address; 3249 description 3250 "MAC address."; 3251 } 3252 description 3253 "List for MAC."; 3254 } 3255 description 3256 "Container for access control List."; 3257 } 3258 description 3259 "This grouping defines Access Control List."; 3260 } 3262 grouping lacp-grouping { 3263 container lacp { 3264 leaf lacp-state { 3265 type boolean; 3266 description 3267 "LACP on/off"; 3268 } 3269 leaf lacp-mode { 3270 type boolean; 3271 description 3272 "LACP mode"; 3273 } 3274 leaf lacp-speed { 3275 type boolean; 3276 description 3277 "LACP speed"; 3278 } 3279 leaf mini-link { 3280 type uint32; 3281 description 3282 "The minimum aggregate bandwidth for a LAG"; 3283 } 3284 leaf system-priority { 3285 type uint16; 3286 description 3287 "Indicates the LACP priority for the system. 3288 The range is from 0 to 65535. 3289 The default is 32768."; 3290 } 3291 container micro-bfd { 3292 if-feature micro-bfd; 3293 leaf micro-bfd-on-off { 3294 type enumeration { 3295 enum on { 3296 description 3297 "Micro-bfd on"; 3298 } 3299 enum off { 3300 description 3301 "Micro-bfd off"; 3302 } 3303 } 3304 description 3305 "Micro BFD ON/OFF"; 3306 } 3307 leaf bfd-interval { 3308 type uint32; 3310 description 3311 "BFD interval"; 3313 } 3314 leaf bfd-hold-timer { 3315 type uint32; 3316 description 3317 "BFD hold timer"; 3318 } 3319 description 3320 "Container of Micro-BFD configurations"; 3321 } 3322 container bfd { 3323 if-feature bfd; 3324 leaf bfd-enabled { 3325 type boolean; 3326 description 3327 "BFD activation"; 3328 } 3329 choice holdtime { 3330 case profile { 3331 leaf profile-name { 3332 type string; 3333 description 3334 "Service provider well known profile."; 3335 } 3336 description 3337 "Service provider well known profile."; 3338 } 3339 case fixed { 3340 leaf fixed-value { 3341 type uint32; 3342 units msec; 3343 description 3344 "Expected hold time expressed in msec."; 3345 } 3346 } 3347 description 3348 "Choice for hold time flavor."; 3349 } 3350 description 3351 "Container for BFD."; 3352 } 3353 container member-link-list { 3354 list member-link { 3355 key "name"; 3356 leaf name { 3357 type string; 3358 description 3359 "Member link name"; 3360 } 3361 leaf port-speed { 3363 type uint32; 3364 description 3365 "Port speed"; 3366 } 3367 leaf mode { 3368 type neg-mode; 3369 description 3370 "Negotiation mode"; 3371 } 3372 leaf link-mtu { 3373 type uint32; 3374 description 3375 "Link MTU size."; 3376 } 3377 container oam-802.3ah-link { 3378 if-feature oam-3ah; 3379 leaf enable { 3380 type boolean; 3381 description 3382 "Indicate whether support oam 802.3 ah link"; 3383 } 3384 description 3385 "Container for oam 802.3 ah link."; 3386 } 3387 description 3388 "Member link"; 3389 } 3390 description 3391 "Container of Member link list"; 3392 } 3393 leaf flow-control { 3394 type string; 3395 description 3396 "Flow control"; 3397 } 3399 leaf lldp { 3400 type boolean; 3401 description 3402 "LLDP"; 3403 } 3404 description 3405 "LACP"; 3406 } 3407 description 3408 "Grouping for lacp"; 3409 } 3411 grouping phy-interface-grouping { 3412 container phy-interface { 3413 leaf port-number { 3414 type uint32; 3415 description 3416 "Port number"; 3417 } 3418 leaf port-speed { 3420 type uint32; 3421 description 3422 "Port speed"; 3423 } 3424 leaf mode { 3425 type neg-mode; 3426 description 3427 "Negotiation mode"; 3428 } 3430 leaf phy-mtu { 3431 type uint32; 3432 description 3433 "PHY MTU"; 3434 } 3435 leaf flow-control { 3436 type string; 3437 description 3438 "Flow control"; 3439 } 3440 leaf physical-if { 3441 type string; 3442 description 3443 "Physical interface"; 3444 } 3445 leaf circuit-id { 3446 type string; 3447 description 3448 "Circuit ID"; 3449 } 3450 leaf lldp { 3451 type boolean; 3452 description 3453 "LLDP"; 3454 } 3455 container oam-802.3ah-link { 3456 if-feature oam-3ah; 3457 leaf enable { 3458 type boolean; 3459 description 3460 "Indicate whether support oam 802.3 ah link"; 3461 } 3462 description 3463 "Container for oam 802.3 ah link."; 3464 } 3465 leaf uni-loop-prevention { 3466 type boolean; 3468 description 3469 "If this leaf set to truth that the port automatically 3470 goes down when a physical loopback is detect."; 3471 } 3472 description 3473 "Container of PHY Interface Attributes configurations"; 3474 } 3475 description 3476 "Grouping for phy interface."; 3477 } 3479 grouping lag-interface-grouping { 3480 container lag-interface { 3481 if-feature lag-interface; 3482 list lag-interface { 3483 key "lag-interface-number"; 3484 leaf lag-interface-number { 3485 type uint32; 3486 description 3487 "LAG interface number"; 3488 } 3489 uses lacp-grouping; 3490 description 3491 "List of LAG interfaces"; 3492 } 3493 description 3494 "Container of LAG interface attributes configuration"; 3495 } 3496 description 3497 "Grouping for LAG interface"; 3498 } 3499 grouping dot1q-interface-grouping { 3500 container dot1q-interface { 3501 leaf l2-access-type { 3502 type identityref { 3503 base l2-access-type; 3504 } 3505 description 3506 "L2 Access Encapsulation Type"; 3507 } 3508 container dot1q { 3509 when "'../l2-access-type'='dot1q'"; 3510 if-feature dot1q; 3511 leaf physical-inf { 3512 type string; 3513 description 3514 "Physical Interface"; 3515 } 3516 leaf c-vlan-id { 3517 type uint32; 3518 description 3519 "VLAN identifier"; 3520 } 3521 description 3522 "Qot1q"; 3523 } 3525 container sub-inf { 3526 when "'../l2-access-type'='sub-interface'"; 3527 if-feature sub-inf; 3528 leaf interface-description { 3529 type string; 3530 description 3531 "Interface description"; 3532 } 3533 leaf sub-if-id { 3534 type uint32; 3535 description 3536 "Sub interface ID"; 3537 } 3538 description 3539 "sub interface"; 3540 } 3541 container qinq { 3542 when "'../l2-access-type'='qinq'"; 3543 if-feature qinq; 3544 leaf s-vlan-id { 3545 type uint32; 3546 description 3547 "S-VLAN Identifier"; 3548 } 3549 leaf c-vlan-id { 3550 type uint32; 3551 description 3552 "C-VLAN Identifier"; 3553 } 3554 description 3555 "QinQ"; 3556 } 3557 container qinany { 3558 if-feature qinany; 3559 leaf s-vlan-id { 3560 type uint32; 3561 description 3562 "S-Vlan ID"; 3563 } 3564 description 3565 "Container for Q in Any"; 3566 } 3567 container atm { 3568 when "'../l2-access-type'='atm'"; 3569 if-feature atm; 3570 leaf vpi { 3571 type uint32; 3572 description 3573 "VPI Identifier"; 3574 } 3575 leaf vci { 3576 type uint32; 3577 description 3578 "VCI Identifier"; 3579 } 3580 description 3581 "ATM Cell."; 3582 } 3583 container vxlan { 3584 when "'../l2-access-type'='vxlan'"; 3585 if-feature vxlan; 3586 leaf vni-id { 3587 type uint32; 3588 description 3589 "VNI Identifier"; 3590 } 3591 leaf peer-mode { 3592 type identityref { 3593 base vxlan-peer-mode; 3594 } 3595 description 3596 "specify the vxlan access mode"; 3597 } 3598 list peer-list { 3599 key peer-ip; 3600 leaf peer-ip { 3601 type inet:ip-address; 3602 description 3603 "Peer IP"; 3604 } 3605 description 3606 "List for peer IP"; 3607 } 3608 description 3609 "QinQ"; 3610 } 3611 description 3612 "Container for dot1Q Interface"; 3613 } 3614 description 3615 "Grouping for Layer2 access"; 3616 } 3618 grouping ethernet-connection-grouping { 3619 container connection { 3620 leaf encapsulation-type { 3621 type identityref { 3622 base encapsulation-type; 3623 } 3624 description 3625 "Encapsulation Type"; 3626 } 3627 leaf-list eth-inf-type { 3628 type identityref { 3629 base eth-inf-type; 3630 } 3631 description 3632 "Ethernet Interface Type"; 3633 } 3634 uses dot1q-interface-grouping; 3635 uses phy-interface-grouping; 3636 uses lag-interface-grouping; 3637 uses cvlan-svc-map-grouping; 3638 uses split-horizon-group; 3639 uses l2cp-grouping; 3640 description 3641 "Container for bearer"; 3642 } 3643 description 3644 "Grouping for bearer."; 3645 } 3646 grouping svc-mtu-grouping { 3647 leaf svc-mtu { 3648 type uint32; 3649 description 3650 "SVC MTU, it is also known as the maximum transmission unit or 3651 maximum frame size,When a frame is larger than the MTU, it is 3652 broken down, or fragmented, into smaller pieces by the network protocol 3653 to accommodate the MTU of the network"; 3654 } 3655 description 3656 "Grouping for service mtu."; 3657 } 3659 grouping svc-preservation-grouping { 3660 leaf ce-vlan-preservation { 3661 type boolean; 3662 description 3663 "Preserve the CE-VLAN ID from ingress to egress,i.e., 3664 CE-VLAN tag of the egress frame are identical to 3665 those of the ingress frame that yielded this 3666 egress service frame. If All-to-One bundling within a site 3667 is Enabled, then preservation applies to all Ingress service 3668 frames. If All-to-One bundling is Disabled , then preservation 3669 applies to tagged Ingress service frames having CE-VLAN ID 1 3670 through 4094."; 3671 } 3672 leaf ce-vlan-cos-perservation { 3673 type boolean; 3674 description 3675 "CE vlan CoS preservation. PCP bits in the CE-VLAN tag of the egress 3676 frame are identical to those of the ingress frame that yielded this 3677 egress service frame. 3679 "; 3680 } 3681 description 3682 "Grouping for service preservation."; 3683 } 3685 grouping mac-addr-limit-grouping { 3686 container mac-addr-limit { 3687 leaf mac-num-limit { 3688 type uint16; 3689 description 3690 "maximum number of MAC addresses learned from 3691 the subscriber for a single service instance."; 3692 } 3693 leaf time-interval { 3694 type uint32; 3695 units milliseconds; 3696 description 3697 "The aging time of the mac address."; 3698 } 3699 leaf action { 3700 type identityref { 3701 base mac-action; 3702 } 3703 description 3704 "specify the action when the upper limit is 3705 exceeded: drop the packet, flood the 3706 packet, or simply send a warning log message."; 3707 } 3708 description 3709 "Container of MAC-Addr limit configurations"; 3710 } 3711 description 3712 "Grouping for mac address limit"; 3713 } 3715 grouping availability-grouping { 3716 container availability { 3717 leaf access-priority { 3718 type uint32; 3719 description 3720 "Access priority"; 3721 } 3722 choice redundancy-mode { 3723 case single-active { 3724 leaf single-active { 3725 type boolean; 3726 description 3727 "Single active"; 3728 } 3729 description 3730 "Single active case"; 3731 } 3732 case all-active { 3733 leaf all-active { 3734 type boolean; 3735 description 3736 "All active"; 3737 } 3738 description 3739 "All active case"; 3740 } 3741 description 3742 "Redundancy mode choice"; 3743 } 3744 description 3745 "Container of availability optional configurations"; 3746 } 3747 description 3748 "Grouping for availability"; 3749 } 3751 grouping l2cp-grouping { 3752 container l2cp-control { 3753 if-feature L2CP-control; 3754 leaf stp-rstp-mstp { 3755 type control-mode; 3756 description 3757 "STP/RSTP/MSTP protocol type applicable to all UNIs"; 3758 } 3759 leaf pause { 3760 type control-mode; 3761 description 3762 "Pause protocol type applicable to all UNIs"; 3764 } 3765 leaf lacp-lamp { 3766 type control-mode; 3767 description 3768 "LACP/LAMP "; 3769 } 3770 leaf link-oam { 3771 type control-mode; 3772 description 3773 "Link OAM"; 3774 } 3775 leaf esmc { 3776 type control-mode; 3777 description 3778 "ESMC"; 3779 } 3780 leaf l2cp-802.1x { 3781 type control-mode; 3782 description 3783 "802.x"; 3784 } 3785 leaf e-lmi { 3786 type control-mode; 3787 description 3788 "E-LMI"; 3789 } 3790 leaf lldp { 3791 type boolean; 3792 description 3793 "LLDP protocol type applicable to all UNIs"; 3794 } 3795 leaf ptp-peer-delay { 3796 type control-mode; 3797 description 3798 "PTP peer delay"; 3799 } 3800 leaf garp-mrp { 3801 type control-mode; 3802 description 3803 "GARP/MRP"; 3804 } 3805 description 3806 "Container of L2CP control configurations"; 3807 } 3808 description 3809 "Grouping for l2cp control"; 3810 } 3812 grouping B-U-M-grouping { 3813 container broadcast-unknown-unicast-multicast { 3814 leaf multicast-site-type { 3815 type enumeration { 3816 enum receiver-only { 3817 description 3818 "The site only has receivers."; 3819 } 3820 enum source-only { 3821 description 3822 "The site only has sources."; 3823 } 3824 enum source-receiver { 3825 description 3826 "The site has both sources and receivers."; 3827 } 3828 } 3829 default "source-receiver"; 3830 description 3831 "Type of multicast site."; 3832 } 3833 list multicast-gp-address-mapping { 3834 key id; 3835 leaf id { 3836 type uint16; 3837 description 3838 "Unique identifier for the mapping."; 3839 } 3840 leaf vlan-id { 3841 type uint32; 3842 description 3843 "the VLAN ID of the Multicast group"; 3844 } 3845 leaf mac-gp-address { 3846 type yang:mac-address; 3848 description 3849 "the MAC address of the Multicast group"; 3850 } 3851 leaf port-lag-number { 3852 type uint32; 3853 description 3854 "the ports/LAGs belonging to the Multicast group"; 3855 } 3856 description 3857 "List of Port to group mappings."; 3858 } 3859 leaf bum-overall-rate { 3860 type uint32; 3861 description 3862 "overall rate for BUM"; 3863 } 3864 list bum-rate-per-type { 3865 key "type"; 3866 leaf type { 3867 type identityref { 3868 base bum-type; 3869 } 3870 description 3871 "BUM type"; 3872 } 3873 leaf rate { 3874 type uint32; 3875 description 3876 "rate for BUM"; 3877 } 3878 description 3879 "List of rate per type"; 3880 } 3881 description 3882 "Container of broadcast, unknown unicast, and multicast configurations"; 3883 } 3884 description 3885 "Grouping for broadcast, unknown unicast, and multicast "; 3886 } 3888 grouping mac-loop-prevention-grouping { 3889 container mac-loop-prevention { 3890 leaf frequency { 3891 type uint32; 3892 description 3893 "Frequency"; 3894 } 3895 leaf protection-type { 3896 type identityref { 3897 base loop-prevention-type; 3898 } 3899 description 3900 "Protection type"; 3901 } 3902 leaf number-retries { 3903 type uint32; 3904 description 3905 "Number of retries"; 3906 } 3907 description 3908 "Container of MAC loop prevention."; 3909 } 3910 description 3911 "Grouping for MAC loop prevention"; 3912 } 3914 grouping ethernet-svc-oam-grouping { 3915 container ethernet-service-oam { 3916 leaf md-name { 3917 type string; 3918 description 3919 "Maintenance domain name"; 3920 } 3921 leaf md-level { 3922 type uint8; 3923 description 3924 "Maintenance domain level"; 3925 } 3927 container cfm-802.1-ag { 3928 list n2-uni-c { 3929 key "maid"; 3930 uses cfm-802-grouping; 3931 description 3932 "List of UNI-N to UNI-C"; 3933 } 3934 list n2-uni-n { 3935 key "maid"; 3936 uses cfm-802-grouping; 3937 description 3938 "List of UNI-N to UNI-N"; 3939 } 3940 description 3941 "Container of 802.1ag CFM configurations."; 3942 } 3943 uses y-1731; 3944 description 3945 "Container for Ethernet service OAM."; 3946 } 3947 description 3948 "Grouping for Ethernet service OAM."; 3949 } 3951 grouping fate-sharing-group { 3952 container groups { 3953 leaf fate-sharing-group-size { 3954 type uint16; 3955 description 3956 "Fate sharing group size."; 3957 } 3958 leaf group-color { 3959 type string; 3960 description 3961 "Group color associated with a particular VPN."; 3962 } 3963 list group { 3964 key group-id; 3965 leaf group-id { 3966 type string; 3967 description 3968 "Group-id the site network access 3969 is belonging to"; 3970 } 3971 description 3972 "List of group-id"; 3973 } 3974 description 3975 "Groups the fate sharing group member 3976 is belonging to"; 3977 } 3978 description 3979 "Grouping for Fate sharing group."; 3980 } 3981 grouping site-group { 3982 container groups { 3983 list group { 3984 key group-id; 3985 leaf group-id { 3986 type string; 3987 description 3988 "Group-id the site is belonging to"; 3989 } 3990 description 3991 "List of group-id"; 3992 } 3993 description 3994 "Groups the site or vpn-network-access 3995 is belonging to."; 3996 } 3997 description 3998 "Grouping definition to assign 3999 group-ids to site or vpn-network-access"; 4000 } 4002 grouping access-diversity { 4003 container access-diversity { 4004 if-feature site-diversity; 4005 uses fate-sharing-group; 4006 container constraints { 4007 list constraint { 4008 key constraint-type; 4009 leaf constraint-type { 4010 type identityref { 4011 base placement-diversity; 4012 } 4013 description 4014 "Diversity constraint type."; 4015 } 4016 container target { 4017 choice target-flavor { 4018 case id { 4019 list group { 4020 key group-id; 4021 leaf group-id { 4022 type string; 4023 description 4024 "The constraint will apply 4025 against this particular 4026 group-id"; 4027 } 4028 description 4029 "List of groups"; 4030 } 4031 } 4032 case all-accesses { 4033 leaf all-other-accesses { 4034 type empty; 4035 description 4036 "The constraint will apply 4037 against all other site network 4038 access of this site"; 4039 } 4040 } 4041 case all-groups { 4042 leaf all-other-groups { 4043 type empty; 4044 description 4045 "The constraint will apply 4046 against all other groups the 4047 customer is managing"; 4048 } 4049 } 4050 description 4051 "Choice for the group definition"; 4052 } 4053 description 4054 "The constraint will apply against 4055 this list of groups"; 4056 } 4057 description 4058 "List of constraints"; 4059 } 4060 description 4061 "Constraints for placing this site 4062 network access"; 4063 } 4064 description 4065 "Diversity parameters."; 4066 } 4067 description 4068 "This grouping defines access diversity 4069 parameters"; 4070 } 4072 grouping request-type-profile-grouping { 4073 container request-type-profile { 4074 choice request-type-choice { 4075 case dot1q-case { 4076 container dot1q { 4077 leaf physical-if { 4078 type string; 4079 description 4080 "Physical interface"; 4081 } 4082 leaf vlan-id { 4083 type uint16; 4084 description 4085 "VLAN ID"; 4086 } 4087 description 4088 "Container for dot1q."; 4089 } 4090 description 4091 "Case for dot1q"; 4092 } 4093 case physical-case { 4095 leaf physical-if { 4096 type string; 4097 description 4098 "Physical interface"; 4099 } 4100 leaf circuit-id { 4101 type string; 4102 description 4103 "Circuit ID"; 4104 } 4105 description 4106 "Physical case"; 4107 } 4108 description 4109 "Choice for request type"; 4110 } 4111 description 4112 "Container for request type profile."; 4113 } 4114 description 4115 "Grouping for request type profile"; 4116 } 4118 grouping site-attachment-bearer { 4119 container bearer { 4120 container requested-type { 4121 if-feature requested-type; 4122 leaf requested-type { 4123 type string; 4124 description 4125 "Type of requested bearer Ethernet, ATM, Frame 4126 Relay, IP Layer 2 Transport, Frame Relay DLCI, 4127 SONET/SDH,PPP."; 4128 } 4129 leaf strict { 4130 type boolean; 4131 default false; 4132 description 4133 "Define if the requested-type is a preference 4134 or a strict requirement."; 4135 } 4136 description 4137 "Container for requested type."; 4138 } 4139 leaf always-on { 4140 if-feature always-on; 4141 type boolean; 4142 default true; 4143 description 4144 "Request for an always on access type. 4145 This means no Dial access type for 4146 example."; 4147 } 4148 leaf bearer-reference { 4149 if-feature bearer-reference; 4150 type string; 4151 description 4152 "This is an internal reference for the 4153 service provider."; 4154 } 4155 description 4156 "Bearer specific parameters. 4157 To be augmented."; 4158 } 4159 description 4160 "Grouping to define physical properties of 4161 a site attachment."; 4162 } 4164 grouping vpn-attachment-grouping { 4165 container vpn-attachment { 4166 leaf device-id { 4167 type string; 4168 description 4169 "Device ID"; 4170 } 4171 container management { 4172 leaf address-family { 4173 type identityref { 4174 base address-family; 4175 } 4176 description 4177 "Address family used for management."; 4178 } 4179 leaf address { 4180 type inet:ip-address; 4181 description 4182 "Management address"; 4183 } 4184 description 4185 "Management configuration.."; 4186 } 4187 choice attachment-flavor { 4189 case vpn-flavor { 4190 list vpn-flavor { 4191 key vpn-id; 4192 leaf vpn-id { 4193 type leafref { 4194 path "/l2vpn-ntw/vpn-services"+ 4195 "/vpn-svc/vpn-id"; 4196 } 4197 description 4198 "Reference to a VPN."; 4199 } 4200 leaf site-role { 4201 type identityref { 4202 base site-role; 4203 } 4204 default any-to-any-role; 4205 description 4206 "Role of the site in the IPVPN."; 4207 } 4208 description 4209 "List of IPVPNs attached by the Site Network Access"; 4210 } 4211 } 4212 case vpn-policy-id { 4213 leaf vpn-policy-id { 4214 type leafref { 4215 path "/l2vpn-ntw/sites/site/vpn-policies/vpn-policy/vpn-policy-id"; 4216 } 4217 description 4218 "Reference to a vpn policy"; 4219 } 4220 } 4221 mandatory true; 4222 description 4223 "Choice for VPN attachment flavor."; 4224 } 4225 description 4226 "Defines VPN attachment of a site."; 4227 } 4228 description 4229 "Grouping for access attachment"; 4230 } 4232 grouping site-service-basic { 4233 container svc-input-bandwidth { 4234 if-feature input-bw; 4235 list input-bandwidth { 4236 key "type"; 4237 leaf type { 4238 type identityref { 4239 base bw-type; 4240 } 4241 description 4242 "Bandwidth Type"; 4243 } 4244 leaf cos-id { 4245 type uint8; 4246 description 4247 "Identifier of Class of Service 4248 , indicated by DSCP or a CE-CLAN 4249 CoS(802.1p)value in the service frame."; 4250 } 4251 leaf vpn-id { 4252 type svc-id; 4253 description 4254 "Identifies the target VPN."; 4255 } 4256 leaf cir { 4257 type uint64; 4258 description 4259 "Committed Information Rate. The maximum number of 4260 bits that a port can receive or send during 4261 one-second over an interface."; 4262 } 4263 leaf cbs { 4264 type uint64; 4265 description 4266 "Committed Burst Size.CBS controls the bursty nature 4267 of the traffic. Traffic that does not use the configured 4268 CIR accumulates credits until the credits reach the 4269 configured CBS."; 4270 } 4271 leaf eir { 4272 type uint64; 4273 description 4274 "Excess Information Rate,i.e.,Excess frame delivery 4275 allowed not subject to SLA.The traffic rate can be 4276 limited by eir."; 4277 } 4278 leaf ebs { 4279 type uint64; 4281 description 4282 "Excess Burst Size. The bandwidth available for burst 4283 traffic from the EBS is subject to the amount of bandwidth 4284 that is accumulated during periods when traffic allocated 4285 by the EIR policy is not used."; 4286 } 4287 leaf pir{ 4288 type uint64; 4289 description 4290 "Peak Information Rate, i.e., maixmum frame delivery allowed. 4291 It is equal to or less than sum of cir and eir."; 4292 } 4293 leaf pbs { 4294 type uint64; 4295 description 4296 "Peak Burst Size. It is measured in bytes per second."; 4297 } 4298 description 4299 "List for input bandwidth"; 4300 } 4301 description 4302 "From the PE perspective, the service input 4303 bandwidth of the connection."; 4304 } 4305 container svc-output-bandwidth { 4306 if-feature output-bw; 4307 list output-bandwidth { 4308 key "type"; 4309 leaf type { 4310 type identityref { 4311 base bw-type; 4312 } 4313 description 4314 "Bandwidth Type"; 4315 } 4316 leaf cos-id { 4317 type uint8; 4318 description 4319 "Identifier of Class of Service 4320 , indicated by DSCP or a CE-CLAN 4321 CoS(802.1p)value in the service frame."; 4322 } 4323 leaf vpn-id { 4324 type svc-id; 4325 description 4326 "Identifies the target VPN."; 4327 } 4328 leaf cir { 4329 type uint64; 4330 description 4331 "Committed Information Rate. The maximum number of 4332 bits that a port can receive or send during 4333 one-second over an interface."; 4334 } 4335 leaf cbs { 4336 type uint64; 4337 description 4338 "Committed Burst Size.CBS controls the bursty nature 4339 of the traffic. Traffic that does not use the configured 4340 CIR accumulates credits until the credits reach the 4341 configured CBS."; 4342 } 4343 leaf eir { 4344 type uint64; 4345 description 4346 "Excess Information Rate,i.e.,Excess frame delivery 4347 allowed not subject to SLA.The traffic rate can be 4348 limited by eir."; 4349 } 4350 leaf ebs { 4351 type uint64; 4352 description 4353 "Excess Burst Size. The bandwidth available for burst 4354 traffic from the EBS is subject to the amount of bandwidth 4355 that is accumulated during periods when traffic allocated 4356 by the EIR policy is not used."; 4357 } 4358 leaf pir{ 4359 type uint64; 4360 description 4361 "Peak Information Rate, i.e., maixmum frame delivery allowed. 4362 It is equal to or less than sum of cir and eir."; 4363 } 4364 leaf pbs { 4365 type uint64; 4366 description 4367 "Peak Burst Size. It is measured in bytes per second."; 4368 } 4369 description 4370 "List for output bandwidth"; 4371 } 4372 description 4373 "From the PE perspective, the service output 4374 bandwidth of the connection."; 4375 } 4376 description 4377 "Grouping for site service"; 4378 } 4380 grouping flow-definition { 4381 container match-flow { 4382 leaf dscp { 4383 type inet:dscp; 4384 description 4385 "DSCP value."; 4386 } 4387 leaf dot1q { 4388 type uint32; 4389 description 4390 "802.1q matching. It is VLAN Tag added into frame."; 4391 } 4392 leaf pcp { 4393 type uint8{ 4394 range "0 .. 7"; 4395 } 4396 description 4397 "PCP value"; 4398 } 4399 leaf src-mac { 4400 type yang:mac-address; 4401 description 4403 "Source MAC"; 4404 } 4405 leaf dst-mac { 4406 type yang:mac-address; 4407 description 4408 "Destination MAC"; 4409 } 4410 leaf color-type { 4411 type identityref { 4412 base color-type; 4414 } 4415 description 4416 "Color Types"; 4417 } 4418 leaf-list target-sites { 4419 type svc-id; 4420 description 4421 "Identify a site as traffic destination."; 4422 } 4423 leaf any { 4424 type empty; 4425 description 4426 "Allow all."; 4427 } 4428 leaf vpn-id { 4429 type svc-id; 4430 description 4431 "Reference to the target VPN."; 4432 } 4433 description 4434 "Describe flow matching criteria."; 4435 } 4436 description 4437 "Flow definition based on criteria."; 4438 } 4440 grouping services-grouping { 4441 container service { 4442 uses site-service-qos-profile; 4443 description 4444 "Container for service"; 4445 } 4446 description 4447 "Grouping for Services"; 4448 } 4450 grouping service-grouping { 4451 container service { 4452 uses site-service-basic; 4453 uses site-service-qos-profile; 4454 description 4455 "Container for service"; 4456 } 4457 description 4458 "Grouping for service."; 4459 } 4461 grouping site-service-qos-profile { 4462 container qos { 4463 if-feature qos; 4464 container classification-policy { 4465 list rule { 4466 key "id"; 4467 ordered-by user; 4468 leaf id { 4469 type string; 4470 description 4471 "A description identifying qos classification 4472 policy rule."; 4473 } 4474 choice match-type { 4475 default "match-flow"; 4476 case match-flow { 4477 container match-flow { 4478 leaf dscp { 4479 type inet:dscp; 4480 description 4481 "DSCP value."; 4482 } 4483 leaf dot1q { 4484 type uint16; 4486 description 4487 "802.1q matching. It is VLAN Tag added into frame."; 4488 } 4489 leaf pcp { 4490 type uint8 { 4491 range "0 .. 7"; 4492 } 4493 description 4494 "PCP value."; 4495 } 4496 leaf src-mac { 4497 type yang:mac-address; 4498 description 4499 "Source MAC"; 4500 } 4501 leaf dst-mac { 4502 type yang:mac-address; 4503 description 4504 "Destination MAC."; 4505 } 4506 leaf color-type { 4507 type identityref { 4508 base color-type; 4509 } 4510 description 4511 "Color Types."; 4512 } 4513 leaf-list target-sites { 4514 if-feature target-sites; 4515 type svc-id; 4516 description 4517 "Identify a site as traffic destination."; 4518 } 4519 leaf any { 4520 type empty; 4521 description 4522 "Allow all."; 4523 } 4524 leaf vpn-id { 4525 type svc-id; 4526 description 4527 "Reference to the target VPN."; 4528 } 4529 description 4530 "Describe flow matching criteria."; 4531 } 4532 } 4533 case match-application { 4534 leaf match-application { 4535 type identityref { 4536 base customer-application; 4537 } 4538 description 4539 "Defines the application to match."; 4540 } 4541 } 4542 description 4543 "Choice for classification"; 4544 } 4545 leaf target-class-id { 4546 type string; 4547 description 4548 "Identification of the class of service. 4549 This identifier is internal to the 4550 administration."; 4551 } 4552 description 4553 "List of marking rules."; 4554 } 4555 description 4556 "Configuration of the traffic classification policy."; 4557 } 4558 container qos-profile { 4559 choice qos-profile { 4560 description 4561 "Choice for QoS profile. 4562 Can be standard profile or customized profile."; 4563 case standard { 4564 description 4565 "Standard QoS profile."; 4566 leaf profile { 4567 type leafref { 4568 path "/l2vpn-ntw/vpn-profiles/" 4569 +"valid-provider-identifiers" 4570 +"/qos-profile-identifier"; 4571 } 4572 description 4573 "QoS Profile to be used."; 4574 } 4575 } 4576 case custom { 4577 description 4578 "Customized QoS profile."; 4579 container classes { 4580 if-feature qos-custom; 4581 list class { 4582 key "class-id"; 4583 leaf class-id { 4584 type string; 4585 description 4586 "Identification of the class of 4587 service. This identifier is internal 4588 to the administration."; 4589 } 4590 leaf direction { 4591 type identityref { 4592 base qos-profile-direction; 4593 } 4594 default "bidirectional"; 4595 description 4596 "The direction which QoS profile is applied to. 4597 By default,the direction is bidirectional."; 4598 } 4599 leaf policing { 4600 type identityref { 4601 base policing; 4602 } 4603 default "one-rate-two-color"; 4604 description 4605 "The policing can be either one-rate, 4606 two-color (1R2C) or two-rate, three-color 4607 (2R3C). By default, the policing is on rate 4608 two color."; 4610 } 4611 leaf byte-offset { 4612 type uint16; 4613 description 4614 "For not including extra VLAN tags in the QoS 4615 calculation."; 4616 } 4617 container frame-delay { 4618 choice flavor { 4619 case lowest { 4620 leaf use-lowest-latency { 4621 type empty; 4622 description 4623 "The traffic class should use 4624 the lowest delay path."; 4625 } 4626 } 4627 case boundary { 4628 leaf delay-bound { 4629 type uint16; 4630 units "msec"; 4631 description 4632 "The traffic class should use 4633 a path with a defined maximum 4634 delay."; 4635 } 4636 } 4637 description 4638 "Delay constraint on the traffic 4639 class."; 4640 } 4641 description 4642 "Delay constraint on the traffic 4643 class."; 4644 } 4645 container frame-jitter { 4646 choice flavor { 4647 case lowest { 4648 leaf use-lowest-jitter { 4649 type empty; 4650 description 4651 "The traffic class should use 4652 the lowest jitter path."; 4653 } 4655 } 4656 case boundary { 4657 leaf delay-bound { 4658 type uint32; 4660 units "usec"; 4661 description 4662 "The traffic class should use 4663 a path with a defined maximum 4664 jitter."; 4665 } 4666 } 4667 description 4668 "Jitter constraint on the traffic 4669 class."; 4670 } 4671 description 4672 "Jitter constraint on the traffic 4673 class."; 4674 } 4675 container frame-loss { 4676 leaf rate { 4677 type decimal64 { 4678 fraction-digits 2; 4679 range "0..100"; 4680 } 4681 units "percent"; 4682 description 4683 "Frame Loss rate constraint on the traffic 4684 class."; 4685 } 4686 description 4687 "Container for frame loss rate."; 4688 } 4689 container bandwidth { 4690 leaf guaranteed-bw-percent { 4691 type decimal64 { 4692 fraction-digits 5; 4693 range "0..100"; 4694 } 4695 units "percent"; 4696 mandatory true; 4697 description 4698 "To be used to define the guaranteed bandwidth 4699 as a percentage of the available service 4700 bandwidth."; 4701 } 4702 leaf end-to-end { 4703 type empty; 4704 description 4705 "Used if the bandwidth reservation 4706 must be done on the MPLS network too."; 4707 } 4708 description 4709 "Bandwidth constraint on the traffic class."; 4710 } 4711 description 4712 "List of class of services."; 4713 } 4714 description 4715 "Container for list of class of services."; 4716 } 4717 } 4718 } 4719 description 4720 "Qos profile configuration."; 4721 } 4722 description 4723 "QoS configuration."; 4724 } 4725 description 4726 "This grouping defines QoS parameters 4727 for a site"; 4728 } 4730 /* MAIN L2VPN SERVICE */ 4731 container l2vpn-ntw { 4732 container vpn-profiles { 4733 container valid-provider-identifiers { 4734 leaf-list cloud-identifier { 4735 if-feature cloud-access; 4736 type string; 4737 description 4738 "Identification of public cloud service 4739 or internet service. Local administration 4740 meaning."; 4741 } 4742 leaf-list qos-profile-identifier { 4743 type string; 4744 description 4745 "Identification of the QoS Profile to be used. 4746 Local administration meaning."; 4747 } 4748 leaf-list bfd-profile-identifier { 4749 type string; 4750 description 4751 "Identification of the SP BFD Profile to be used. 4752 Local administration meaning."; 4753 } 4754 leaf-list remote-carrier-identifier { 4755 type string; 4756 description 4757 "Identification of the remote carrier name to be used. 4758 It can be L2VPN partner, Data center service provider 4759 or private cloud service provider. Local administration 4760 meaning."; 4761 } 4762 nacm:default-deny-write; 4763 description 4764 "Container for Valid Provider Identifies."; 4765 } 4766 description 4767 "Container for VPN Profiles."; 4768 } 4770 container vpn-services { 4771 list vpn-svc { 4772 key "vpn-id"; 4773 leaf vpn-id { 4774 type svc-id; 4775 description 4776 "Defining a service id."; 4777 } 4778 leaf vpn-svc-type { 4779 type identityref { 4780 base service-type; 4781 } 4782 description 4783 "Service type"; 4784 } 4785 leaf customer-name { 4786 type string; 4787 description 4788 "Customer name"; 4789 } 4790 leaf svc-topo { 4791 type identityref { 4792 base vpn-topology; 4793 } 4794 description 4795 "Defining service topology, such as 4796 any-to-any,hub-spoke, etc."; 4797 } 4798 /*uses vpn-service-cloud-access;*/ 4799 /*container global-l2cp-control { 4800 if-feature L2CP-control; 4801 leaf stp-rstp-mstp { 4802 type control-mode; 4803 description 4804 "STP/RSTP/MSTP protocol type applicable to all UNIs"; 4805 } 4806 leaf pause { 4807 type control-mode; 4808 description 4809 "Pause protocol type applicable to all UNIs "; 4810 } 4811 leaf lldp { 4812 type boolean; 4813 description 4814 "LLDP protocol type applicable to all UNIs "; 4815 } 4816 description 4817 "Container of L2CP control global configurations"; 4818 }*/ 4819 uses l3vpn:status-timestamp; 4820 uses site-service; 4821 uses vpn-service-multicast; 4822 uses vpn-extranet; 4823 uses svc-mtu-grouping; 4824 uses svc-preservation-grouping; 4825 uses svc-transport-encapsulation; 4826 container vpn-nodes { 4827 list vpn-node { 4828 key "vpn-node-id ne-id"; 4830 leaf vpn-node-id { 4831 type string; 4832 description ""; 4833 } 4834 leaf description { 4835 type string; 4836 description 4837 "Textual description of a VPN node."; 4838 } 4839 leaf node-role { 4840 type identityref { 4841 base site-role; 4842 } 4843 default any-to-any-role; 4844 description 4845 "Role of the vpn-node in the IP VPN."; 4846 } 4847 leaf ne-id { 4848 type string; 4849 description 4850 "NE IP address"; 4851 } 4853 uses vpn-route-targets; 4855 container vpn-network-accesses { 4856 list vpn-network-access { 4857 key "network-access-id"; 4858 leaf network-access-id { 4859 type string; 4860 description 4861 "Identifier of network access"; 4862 } 4864 leaf description { 4865 type string; 4866 description 4867 "String to describe the element."; 4868 } 4870 leaf remote-carrier-name { 4871 when "'../site-type' = 'enni'" { 4872 description 4873 "Site type = enni"; 4874 } 4875 type string; 4876 description 4877 "Remote carrier name"; 4878 } 4879 leaf Interface-mtu { 4880 type uint32; 4881 description 4882 "Interface MTU, it is also known as the maximum transmission unit or 4883 maximum frame size,When a frame is larger than the MTU, it is 4884 broken down, or fragmented, into smaller pieces by the network protocol 4885 to accommodate the MTU of the network"; 4886 } 4887 uses l3vpn:status-timestamp; 4888 uses access-diversity; 4889 uses ethernet-connection-grouping; 4890 uses availability-grouping; 4891 uses service-grouping; 4892 uses svc-precedence; 4893 uses B-U-M-grouping; 4894 uses ethernet-svc-oam-grouping; 4895 uses mac-loop-prevention-grouping; 4896 uses acl-grouping; 4897 uses mac-addr-limit-grouping; 4898 uses site-bearer-params; 4899 description 4900 "List of VPN Network Accesses."; 4901 } 4902 description 4903 "List of VPN Nodes."; 4904 } 4905 description 4906 "Container of VPN Nodes."; 4907 } 4908 description 4909 "List of vpn-svc"; 4910 } 4911 description 4912 "Container of port configurations"; 4913 } 4914 description 4915 "Container for L2VPN service"; 4916 } 4917 description 4918 "Container for VPN services."; 4919 } 4920 } 4921 4923 Figure 6 4925 6. Acknowledgements 4927 T 4929 7. Contributors 4931 Daniel King 4932 Old Dog Consulting 4933 Email: daniel@olddog.co.uk 4935 8. IANA Considerations 4937 This document requests IANA to register the following URI in the "ns" 4938 subregistry within the "IETF XML Registry" [RFC3688]: 4940 URI: urn:ietf:params:xml:ns:yang:ietf-l2vpn-ntw 4942 Registrant Contact: The IESG. 4944 XML: N/A; the requested URI is an XML namespace. 4946 This document requests IANA to register the following YANG module in 4947 the "YANG Module Names" subregistry [RFC6020] within the "YANG 4948 Parameters" registry. 4950 name: ietf-l2vpn-ntw 4952 namespace: urn:ietf:params:xml:ns:yang:ietf-l2vpn-ntw 4954 maintained by IANA: N 4956 prefix: l2nm 4958 reference: RFC XXXX 4960 9. Security Considerations 4962 The YANG module specified in this document defines a schema for data 4963 that is designed to be accessed via network management protocols such 4964 as NETCONF [RFC6241] or RESTCONF [RFC8040] . The lowest NETCONF 4965 layer is the secure transport layer, and the mandatory-to-implement 4966 secure transport is Secure Shell (SSH) [RFC6242]. The lowest 4967 RESTCONF layer is HTTPS, and the mandatory-to-implement secure 4968 transport is TLS [RFC8466]. 4970 The Network Configuration Access Control Model (NACM) [RFC8341] 4971 provides the means to restrict access for particular NETCONF or 4972 RESTCONF users to a preconfigured subset of all available NETCONF or 4973 RESTCONF protocol operations and content. 4975 The ietf-l2vpn-ntw module is used to manage L2 VPNs in a service 4976 provider backbone network. Hence, the module can be used to request, 4977 modify, or retrieve L2VPN services. There are a number of data nodes 4978 defined in this YANG module that are writable/creatable/deletable 4979 (i.e., config true, which is the default). These data nodes MAY be 4980 considered sensitive or vulnerable in some network environments. 4981 Write operations (e.g., edit-config) and delete operations to these 4982 data nodes without proper protection or authentication can have a 4983 negative effect on network operations. These are the subtrees and 4984 data nodes and their sensitivity/vulnerability in the ietf-l2vpn-ntw 4985 module: 4987 o vpn-service: An attacker who is able to access network nodes can 4988 undertake various attacks, such as deleting a running L2 VPN 4989 Service, interrupting all the traffic of a client. 4991 Some of the readable data nodes in this YANG module may be considered 4992 sensitive or vulnerable in some network environments. It is thus 4993 important to control read access (e.g., via get, get-config, or 4994 notification) to these data nodes. These are the subtrees and data 4995 nodes and their sensitivity/vulnerability: 4997 o customer-name: An attacker can retrieve privacy-related 4998 information which can be used to track a customer. Disclosing 4999 such information may be considered as a violation of the customer- 5000 provider trust relationship. 5002 10. References 5004 10.1. Normative References 5006 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 5007 Requirement Levels", BCP 14, RFC 2119, 5008 DOI 10.17487/RFC2119, March 1997, 5009 . 5011 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 5012 DOI 10.17487/RFC3688, January 2004, 5013 . 5015 [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure 5016 Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, 5017 . 5019 [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration 5020 Access Control Model", STD 91, RFC 8341, 5021 DOI 10.17487/RFC8341, March 2018, 5022 . 5024 10.2. Informative References 5026 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for 5027 the Network Configuration Protocol (NETCONF)", RFC 6020, 5028 DOI 10.17487/RFC6020, October 2010, 5029 . 5031 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 5032 and A. Bierman, Ed., "Network Configuration Protocol 5033 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, 5034 . 5036 [RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A., 5037 Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based 5038 Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February 5039 2015, . 5041 [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", 5042 RFC 7950, DOI 10.17487/RFC7950, August 2016, 5043 . 5045 [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF 5046 Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, 5047 . 5049 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 5050 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 5051 May 2017, . 5053 [RFC8214] Boutros, S., Sajassi, A., Salam, S., Drake, J., and J. 5054 Rabadan, "Virtual Private Wire Service Support in Ethernet 5055 VPN", RFC 8214, DOI 10.17487/RFC8214, August 2017, 5056 . 5058 [RFC8309] Wu, Q., Liu, W., and A. Farrel, "Service Models 5059 Explained", RFC 8309, DOI 10.17487/RFC8309, January 2018, 5060 . 5062 [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", 5063 BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, 5064 . 5066 [RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for 5067 Abstraction and Control of TE Networks (ACTN)", RFC 8453, 5068 DOI 10.17487/RFC8453, August 2018, 5069 . 5071 [RFC8466] Wen, B., Fioccola, G., Ed., Xie, C., and L. Jalil, "A YANG 5072 Data Model for Layer 2 Virtual Private Network (L2VPN) 5073 Service Delivery", RFC 8466, DOI 10.17487/RFC8466, October 5074 2018, . 5076 Authors' Addresses 5078 Samier Barguil (editor) 5079 Telefonica 5080 Madrid 5081 ES 5083 Email: samier.barguilgiraldo.ext@telefonica.com 5084 Oscar Gonzalez de Dios (editor) 5085 Telefonica 5086 Madrid 5087 ES 5089 Email: oscar.gonzalezdedios@telefonica.com 5091 Victor Lopez 5092 Telefonica 5093 Madrid 5094 ES 5096 Email: victor.lopezalvarez@telefonica.com 5098 Luis Angel Munoz 5099 Vodafone 5100 ES 5102 Email: luis-angel.munoz@vodafone.com 5104 Luay Jalil 5105 Verizon 5106 USA 5108 Email: luay.jalil@verizon.com